def test_catch_not_authorized_error(self):
    """main() must answer 403 when exec_main_proc raises NotAuthorizedError.

    exec_main_proc is replaced with a stub that raises the exception, so the
    test exercises only the error-to-response mapping performed by main().
    """
    handler = self.TestLambdaImpl({}, {}, self.dynamodb)
    denied = NotAuthorizedError('not authorized')
    handler.exec_main_proc = MagicMock(side_effect=denied)

    result = handler.main()

    # An authorization failure must surface as 403, not as a generic error.
    self.assertEqual(result['statusCode'], 403)

    # The exception text is what the client receives in the JSON body.
    payload = json.loads(result['body'])
    self.assertEqual(payload['message'], 'not authorized')
def validate_article_existence(dynamodb, article_id, user_id=None, status=None):
    """Check that an article exists and optionally matches an owner and status.

    Args:
        dynamodb: DynamoDB resource; the table named by the
            ARTICLE_INFO_TABLE_NAME environment variable is opened on it.
        article_id: Key of the article to look up.
        user_id: When not None, the stored ``user_id`` must equal it.
        status: When not None, the stored ``status`` must equal it.

    Returns:
        True when every requested check passes.

    Raises:
        RecordNotFoundError: The article is missing or its status differs.
        NotAuthorizedError: The article is stored under a different user_id.
    """
    table = dynamodb.Table(os.environ['ARTICLE_INFO_TABLE_NAME'])
    record = table.get_item(Key={'article_id': article_id}).get('Item')

    if record is None:
        raise RecordNotFoundError('Record Not Found')

    # Ownership is checked before status, so a non-owner gets 'Forbidden'
    # (distinct from the not-found answer) whenever the article exists.
    if user_id is not None:
        if record['user_id'] != user_id:
            raise NotAuthorizedError('Forbidden')

    # A status mismatch is reported exactly like a missing record.
    if status is not None:
        if record['status'] != status:
            raise RecordNotFoundError('Record Not Found')

    return True
def validate_article_existence(cls, dynamodb, article_id, user_id=None, status=None,
                               version=None, is_purchased=None):
    """Check that an article exists and satisfies the optional constraints.

    Args:
        cls: Class providing ``__validate_version``.
        dynamodb: DynamoDB resource; the table named by the
            ARTICLE_INFO_TABLE_NAME environment variable is opened on it.
        article_id: Key of the article to look up.
        user_id: When not None, the stored ``user_id`` must equal it.
        status: When not None, the stored ``status`` must equal it.
        version: When not None, ``cls.__validate_version(article, version)``
            must be truthy.
        is_purchased: When not None (whatever its value), the article must
            carry a ``price`` attribute.

    Returns:
        True when every requested check passes.

    Raises:
        RecordNotFoundError: The article is missing, or the status, version
            or price check fails.
        NotAuthorizedError: The article is stored under a different user_id.
    """
    table = dynamodb.Table(os.environ['ARTICLE_INFO_TABLE_NAME'])
    record = table.get_item(Key={'article_id': article_id}).get('Item')

    if record is None:
        raise RecordNotFoundError('Record Not Found')

    # Ownership is checked before the other constraints, so a non-owner gets
    # 'Forbidden' (distinct from the not-found answer) if the article exists.
    if user_id is not None:
        if record['user_id'] != user_id:
            raise NotAuthorizedError('Forbidden')

    if status is not None:
        if record['status'] != status:
            raise RecordNotFoundError('Record Not Found')

    if version is not None:
        if not cls.__validate_version(record, version):
            raise RecordNotFoundError('Record Not Found')

    # This only establishes that the article is priced. It does not inspect
    # the flag's value and does not consult any purchase record, so callers
    # must verify the purchase itself elsewhere.
    if is_purchased is not None:
        if 'price' not in record:
            raise RecordNotFoundError('Record Not Found')

    return True
def exec_main_proc(self):
    """Move one comment into the deleted-comment table after an access check.

    The comment identified by ``self.params['comment_id']`` is read from the
    table named by COMMENT_TABLE_NAME, stamped with ``deleted_at`` (epoch
    seconds), written to the table named by DELETED_COMMENT_TABLE_NAME and
    then removed from the source table.

    Returns:
        ``{'statusCode': 200}`` on success.

    Raises:
        NotAuthorizedError: ``__is_accessable_comment`` rejected the comment.
        KeyError: The lookup returned no ``'Item'``.
    """
    live_table = self.dynamodb.Table(os.environ['COMMENT_TABLE_NAME'])
    comment_id = self.params['comment_id']

    # NOTE(review): a missing comment raises KeyError here rather than a
    # not-found error; presumably existence is validated earlier - confirm.
    target = live_table.get_item(Key={"comment_id": comment_id})['Item']

    # Authorization happens before anything is written or deleted.
    if not self.__is_accessable_comment(target):
        raise NotAuthorizedError('Forbidden')

    archive_table = self.dynamodb.Table(
        os.environ['DELETED_COMMENT_TABLE_NAME'])
    target['deleted_at'] = int(time.time())

    # Archive first, delete second. These are two separate calls, so a
    # failure between them leaves the comment present in both tables.
    archive_table.put_item(Item=target)
    live_table.delete_item(Key={"comment_id": comment_id})

    return {'statusCode': 200}
def exec_main_proc(self):
    """Return a purchased article's info merged with its content.

    The caller is identified by the ``cognito:username`` authorizer claim,
    not by a request parameter. Access requires exactly one row with status
    ``'done'`` for this article and user in the table named by
    PAID_ARTICLES_TABLE_NAME.

    Returns:
        A dict with ``statusCode`` 200 and a JSON ``body`` holding the
        article info updated with the article content.

    Raises:
        NotAuthorizedError: The number of completed purchases is not 1.
    """
    env = os.environ
    info_table = self.dynamodb.Table(env['ARTICLE_INFO_TABLE_NAME'])
    content_table = self.dynamodb.Table(env['ARTICLE_CONTENT_TABLE_NAME'])
    purchase_table = self.dynamodb.Table(env['PAID_ARTICLES_TABLE_NAME'])

    claims = self.event['requestContext']['authorizer']['claims']
    user_id = claims['cognito:username']
    article_id = self.params['article_id']

    purchase_key = Key('article_id').eq(article_id) & Key('user_id').eq(user_id)
    purchases = purchase_table.query(
        IndexName='article_id-user_id-index',
        KeyConditionExpression=purchase_key,
    ).get('Items')

    # Exactly one completed purchase is required: zero and two-or-more
    # 'done' rows are both rejected.
    completed = sum(1 for row in purchases if row.get('status') == 'done')
    if completed != 1:
        raise NotAuthorizedError('Forbidden')

    # NOTE(review): either lookup yields None when the row is missing, and the
    # code below would then raise TypeError; presumably existence (and
    # publication status) is validated before this method runs - confirm.
    info = info_table.get_item(Key={'article_id': article_id}).get('Item')
    content = content_table.get_item(
        Key={'article_id': article_id}).get('Item')

    # An article may change from paid to free; for a free article (no
    # 'price') the stored body is returned unchanged.
    if 'price' in info:
        content['body'] = content['paid_body']

    # paid_body is dropped in every case so it never appears in the response
    # under its own key.
    content.pop('paid_body', None)
    info.update(content)

    return {
        'statusCode': 200,
        'body': json.dumps(info, cls=DecimalEncoder)
    }
def exec_main_proc(self):
    """Archive and delete a comment together with its delete targets.

    The comment identified by ``self.params['comment_id']`` is read from the
    table named by COMMENT_TABLE_NAME and access-checked. Every item returned
    by ``__get_delete_targets`` is then stamped with ``deleted_at`` (epoch
    seconds), written to the table named by DELETED_COMMENT_TABLE_NAME and
    removed from the source table.

    Returns:
        ``{'statusCode': 200}`` on success.

    Raises:
        NotAuthorizedError: ``__is_accessable_comment`` rejected the comment.
        KeyError: The lookup returned no ``'Item'``.
    """
    live_table = self.dynamodb.Table(os.environ['COMMENT_TABLE_NAME'])

    # NOTE(review): a missing comment raises KeyError here rather than a
    # not-found error; presumably existence is validated earlier - confirm.
    requested = live_table.get_item(
        Key={"comment_id": self.params['comment_id']})['Item']

    # Only the requested comment is access-checked; the other delete targets
    # are whatever __get_delete_targets derives from it.
    if not self.__is_accessable_comment(requested):
        raise NotAuthorizedError('Forbidden')

    archive_table = self.dynamodb.Table(
        os.environ['DELETED_COMMENT_TABLE_NAME'])
    doomed = self.__get_delete_targets(requested)

    # Archive everything first, then delete. The two batches are independent,
    # so a failure in between can leave items present in both tables.
    with archive_table.batch_writer() as archive_batch:
        for entry in doomed:
            entry.update(deleted_at=int(time.time()))
            archive_batch.put_item(Item=entry)

    with live_table.batch_writer() as live_batch:
        for entry in doomed:
            live_batch.delete_item(Key={'comment_id': entry['comment_id']})

    return {'statusCode': 200}
def validate_params(self):
    """Validate a Cognito pre-sign-up trigger event held in ``self.event``.

    Checks, in order: the user name against ``settings.ng_user_name``, the
    event against ``self.get_schema()``, then trigger-specific rules.

    * ``PreSignUp_SignUp``: unless the request carries the external-provider
      mark, the user name must pass the Twitter, LINE, Yahoo and Facebook
      name checks; the e-mail existence check then runs.
    * ``PreSignUp_AdminCreateUser``: allowed only when the request carries
      the external-provider mark; the e-mail existence check then runs.

    Raises:
        ValidationError: The user name is on the deny list or is rejected by
            one of the provider name checks.
        NotAuthorizedError: An AdminCreateUser request lacks the mark.
        Exception: The trigger source is neither of the two handled values.
    """
    params = self.event

    # The deny list is consulted before schema validation.
    if params['userName'] in settings.ng_user_name:
        raise ValidationError('This username is not allowed')
    validate(params, self.get_schema())

    mark_key = 'EXTERNAL_PROVIDER_LOGIN_MARK'
    trigger = params['triggerSource']

    if trigger == 'PreSignUp_SignUp':
        # NOTE(review): validationData presumably arrives with the sign-up
        # request, so the mark works as a shared secret: a caller who knows
        # it skips the provider-name checks below. It is compared with a
        # plain equality test; consider hmac.compare_digest - confirm.
        validation_data = params['request']['validationData']
        carries_mark = (
            validation_data is not None
            and validation_data.get(mark_key) == os.environ[mark_key]
        )
        if not carries_mark:
            # Ordinary sign-up users may not take names starting with
            # Twitter, LINE, Yahoo or Facebook.
            provider_checks = (
                UserUtil.check_try_to_register_as_twitter_user,
                UserUtil.check_try_to_register_as_line_user,
                UserUtil.check_try_to_register_as_yahoo_user,
                UserUtil.check_try_to_register_as_facebook_user,
            )
            if any(check(params['userName']) for check in provider_checks):
                raise ValidationError('This username is not allowed')
        # NOTE(review): confirm the e-mail existence check is meant to run
        # for every PreSignUp_SignUp request, marked or not.
        matched_users = self.__filter_users(self.cognito, params)
        self.__email_exist_check(matched_users)
    elif trigger == 'PreSignUp_AdminCreateUser':
        validation_data = params['request'].get('validationData')
        carries_mark = (
            validation_data is not None
            and validation_data.get(mark_key) == os.environ[mark_key]
        )
        # Admin-created users are accepted only with the mark.
        if not carries_mark:
            raise NotAuthorizedError('Forbidden')
        matched_users = self.__filter_users(self.cognito, params)
        self.__email_exist_check(matched_users)
    else:
        # Only 'PreSignUp_SignUp' and 'PreSignUp_AdminCreateUser' are
        # expected at present, so any other trigger fails closed.
        raise Exception
def validate_private_eth_address(dynamodb, user_id):
    """Raise NotAuthorizedError unless the user has a private_eth_address.

    Args:
        dynamodb: Passed through to ``UserUtil.exists_private_eth_address``.
        user_id: User whose address registration is checked.

    Raises:
        NotAuthorizedError: ``UserUtil.exists_private_eth_address`` returned
            a falsy value for this user.
    """
    has_address = UserUtil.exists_private_eth_address(dynamodb, user_id)
    if has_address:
        return
    raise NotAuthorizedError('Not exists private_eth_address')