def validate_params(self):
# 認証・ウォレット情報が登録済であること
UserUtil.verified_phone_and_email(self.event)
UserUtil.validate_private_eth_address(
self.dynamodb, self.event['requestContext']['authorizer']['claims']
['cognito:username'])
# single
validate(self.params, self.get_schema())
# 署名が正しいこと
if self.params.get('init_approve_signed_transaction') is not None:
PrivateChainUtil.validate_raw_transaction_signature(
self.params['init_approve_signed_transaction'],
self.event['requestContext']['authorizer']['claims']
['custom:private_eth_address'])
PrivateChainUtil.validate_raw_transaction_signature(
self.params['approve_signed_transaction'],
self.event['requestContext']['authorizer']['claims']
['custom:private_eth_address'])
PrivateChainUtil.validate_raw_transaction_signature(
self.params['relay_signed_transaction'],
self.event['requestContext']['authorizer']['claims']
['custom:private_eth_address'])
# pinコードを検証
self.__validate_pin_code(self.params['access_token'],
self.params['pin_code'])
def testRegisterHandlerWeakPassword(self):
response = UserUtil.register_user(self.testapp, '*****@*****.**', '1')
self.assertEqual(response.status_int, constants.STATUS_BAD_REQUEST,
'Code constants.STATUS_BAD_REQUEST should arrive when calling with too weak password: '******'*****@*****.**')
self.assertEqual(response.status_int, constants.STATUS_BAD_REQUEST,
'Code constants.STATUS_BAD_REQUEST should arrive when calling without password: ' + str(response.status_int))
def validate_params(self):
UserUtil.verified_phone_and_email(self.event)
# カストディ規制時のウォレット移行が済んでいなければ利用不可
user_id = self.event['requestContext']['authorizer']['claims'][
'cognito:username']
UserUtil.validate_private_eth_address(self.dynamodb, user_id)
def testRegisterHandlerOK(self):
response = UserUtil.register_user(self.testapp, '*****@*****.**', 'password')
self.assertEqual(response.status_int, constants.STATUS_OK,
'Wrong response with correct credentials: ' + str(response.status_int))
response = UserUtil.register_user(self.testapp, '*****@*****.**', 'password')
self.assertEqual(response.status_int, constants.STATUS_OK,
'Wrong response with correct credentials: ' + str(response.status_int))
def testRegression1(self):
email = '*****@*****.**'
good_password = '******'
bad_password = '******'
# 1. Register client
response = UserUtil.register_user(self.testapp, email, good_password)
self.assertEqual(response.status_int, constants.STATUS_OK,
'Register failed with correct credentials: ' + str(response.status_int))
# 2. Verify client
response = UserUtil.verify_user(self.testapp, self.mail_stub, email)
self.assertEqual(response.status_int, constants.STATUS_OK, 'Verification failed: ' + str(response.status_int))
# 3. Logout client
response = UserUtil.logout(self.testapp)
self.assertEqual(response.status_int, constants.STATUS_OK, 'Logout failed: ' + str(response.status_int))
# 4. Check logout
response = self.testapp.get('/', expect_errors=True)
self.assertEqual(response.status_int, constants.STATUS_UNAUTHORIZED,
'Users only page should not be served after logout: ' + str(response.status_int))
# 5. Login with remember me turned on and a wrong password
response = UserUtil.login_user(self.testapp, email, bad_password, True)
self.assertEqual(response.status_int, constants.STATUS_BAD_REQUEST,
'Login succeeded with bad password.' + str(response.status_int))
# 6. Acessing secure content (after login and after deleting session data)
response = self.testapp.get('/', expect_errors=True)
self.assertEqual(response.status_int, constants.STATUS_UNAUTHORIZED,
'Users only page must not be served without logging in: ' + str(response.status_int))
def validate_params(self):
UserUtil.verified_phone_and_email(self.event)
# check price type is integer or decimal
ParameterUtil.validate_price_params(self.params.get('price'))
if self.params.get('price') is not None:
self.params['price'] = int(self.params['price'])
validate(self.params, self.get_schema())
if self.params.get('eye_catch_url'):
TextSanitizer.validate_img_url(self.params.get('eye_catch_url'))
if self.params.get('tags'):
ParameterUtil.validate_array_unique(self.params['tags'],
'tags',
case_insensitive=True)
TagUtil.validate_format(self.params['tags'])
DBUtil.validate_article_existence(
self.dynamodb,
self.params['article_id'],
user_id=self.event['requestContext']['authorizer']['claims']
['cognito:username'],
status='public',
version=2)
DBUtil.validate_topic(self.dynamodb, self.params['topic'])
DBUtil.validate_exists_title_and_body(self.dynamodb,
self.params['article_id'])
def validate_params(self):
# 認証・ウォレット情報が登録済であること
UserUtil.verified_phone_and_email(self.event)
UserUtil.validate_private_eth_address(
self.dynamodb, self.event['requestContext']['authorizer']['claims']
['cognito:username'])
# single
validate(self.params, self.get_schema())
# 署名が正しいこと
PrivateChainUtil.validate_raw_transaction_signature(
self.params['purchase_signed_transaction'],
self.event['requestContext']['authorizer']['claims']
['custom:private_eth_address'])
PrivateChainUtil.validate_raw_transaction_signature(
self.params['burn_signed_transaction'],
self.event['requestContext']['authorizer']['claims']
['custom:private_eth_address'])
# relation
DBUtil.validate_article_existence(self.dynamodb,
self.params['article_id'],
status='public',
is_purchased=True)
DBUtil.validate_not_purchased(
self.dynamodb, self.params['article_id'],
self.event['requestContext']['authorizer']['claims']
['cognito:username'])
def validate_params(self):
UserUtil.verified_phone_and_email(self.event)
# single
# check price type is integer or decimal
try:
self.params['price'] = int(self.params['price'])
except ValueError:
raise ValidationError('Price must be integer')
# check price value is not decimal
price = self.params['price'] / 10**18
if price.is_integer() is False:
raise ValidationError('Decimal value is not allowed')
validate(self.params, self.get_schema())
# relation
DBUtil.validate_article_existence(self.dynamodb,
self.params['article_id'],
status='public')
DBUtil.validate_latest_price(self.dynamodb, self.params['article_id'],
self.params['price'])
DBUtil.validate_not_purchased(
self.dynamodb, self.params['article_id'],
self.event['requestContext']['authorizer']['claims']
['cognito:username'])
def test_force_non_verified_phone_ng(self):
with self.assertRaises(ClientError):
self.cognito.admin_update_user_attributes = MagicMock(
side_effect=ClientError({'Error': {
'Code': 'xxxx'
}}, 'operation_name'))
UserUtil.force_non_verified_phone(self.cognito, 'user_id')
def test_add_user_profile_ng(self):
with self.assertRaises(ClientError):
self.dynamodb.Table = MagicMock()
self.dynamodb.Table.return_value.put_item.side_effect = ClientError(
{'Error': {
'Code': 'xxxx'
}}, 'operation_name')
UserUtil.add_user_profile(self.dynamodb, 'user_id', 'display_name')
def validate_params(self):
UserUtil.verified_phone_and_email(self.event)
validate(self.params, self.get_schema())
comment = DBUtil.get_validated_comment(self.dynamodb,
self.params['comment_id'])
DBUtil.validate_article_existence(self.dynamodb,
comment['article_id'],
status='public')
def test_has_user_id_ng(self):
with self.assertRaises(ClientError):
self.dynamodb.Table = MagicMock()
self.dynamodb.Table.return_value.get_item.side_effect = ClientError(
{'Error': {
'Code': 'xxxx'
}}, 'operation_name')
UserUtil.has_user_id(self.dynamodb, 'external_provider_user_id')
def validate_params(self):
UserUtil.verified_phone_and_email(self.event)
if self.event.get('body') is None:
raise ValidationError('Request parameter is required')
params = json.loads(self.event.get('body'))
validate(params, self.get_schema(), format_checker=FormatChecker())
def validate_params(self):
ParameterUtil.cast_parameter_to_int(self.params, self.get_schema())
UserUtil.verified_phone_and_email(self.event)
validate(self.params, self.get_schema())
DBUtil.validate_article_existence(
self.dynamodb,
self.event['pathParameters']['article_id'],
user_id=self.event['requestContext']['authorizer']['claims']
['cognito:username'])
def validate_params(self):
UserUtil.verified_phone_and_email(self.event)
if not self.event.get('body'):
raise ValidationError('Request parameter is required')
validate(self.params, self.get_schema())
DBUtil.validate_article_existence(self.dynamodb,
self.params['article_id'],
status='public')
def main(self):
logger = logging.getLogger()
logger.setLevel(logging.INFO)
try:
# user validation
UserUtil.verified_phone_and_email(self.event)
# params validation
self.validate_params()
# exec main process
return self.exec_main_proc()
except ValidationError as err:
logger.fatal(err)
logger.info(self.event)
return {
'statusCode':
400,
'body':
json.dumps({'message': "Invalid parameter: {0}".format(err)})
}
except NotVerifiedUserError as err:
logger.fatal(err)
logger.info(self.event)
return {
'statusCode': 400,
'body': json.dumps({'message': "Bad Request: {0}".format(err)})
}
except NotAuthorizedError as err:
logger.fatal(err)
logger.info(self.event)
return {
'statusCode': 403,
'body': json.dumps({'message': str(err)})
}
except RecordNotFoundError as err:
logger.fatal(err)
logger.info(self.event)
return {
'statusCode': 404,
'body': json.dumps({'message': str(err)})
}
except Exception as err:
logger.fatal(err)
logger.info(self.event)
traceback.print_exc()
return {
'statusCode': 500,
'body': json.dumps({'message': 'Internal server error'})
}
def test_external_provider_login_ng(self):
with self.assertRaises(ClientError):
self.cognito.admin_get_user = MagicMock(side_effect=ClientError(
{'Error': {
'Code': 'UserNotFoundException'
}}, 'operation_name'))
UserUtil.external_provider_login(self.cognito, 'user_pool_id',
'user_pool_app_id', 'user_id',
'password', 'twitter')
def testRegisterHandlerWrongEmail(self):
response = UserUtil.register_user(self.testapp, 'jamesbond.com', 'password')
self.assertEqual(response.status_int, constants.STATUS_BAD_REQUEST,
'Code constants.STATUS_BAD_REQUEST should arrive when calling with bad email: ' + str(response.status_int))
response = UserUtil.register_user(self.testapp, 'james@com', 'password')
self.assertEqual(response.status_int, constants.STATUS_BAD_REQUEST,
'Code constants.STATUS_BAD_REQUEST should arrive when calling with bad email: ' + str(response.status_int))
response = UserUtil.register_user(self.testapp, '@bond.com', 'password')
self.assertEqual(response.status_int, constants.STATUS_BAD_REQUEST,
'Code constants.STATUS_BAD_REQUEST should arrive when calling with bad email: ' + str(response.status_int))
def validate_params(self):
UserUtil.verified_phone_and_email(self.event)
validate(self.params, self.get_schema())
# 該当 article_id が自分のものかつ、v2であることを確認
DBUtil.validate_article_existence(
self.dynamodb,
self.params['article_id'],
user_id=self.event['requestContext']['authorizer']['claims']['cognito:username'],
version=2
)
def validate_params(self):
UserUtil.verified_phone_and_email(self.event)
validate(self.params, self.get_schema())
DBUtil.validate_article_existence(
self.dynamodb,
self.params['article_id'],
user_id=self.event['requestContext']['authorizer']['claims']
['cognito:username'],
status='public')
def test_add_external_provider_user_info_ng(self):
with self.assertRaises(ClientError):
self.dynamodb.Table = MagicMock()
self.dynamodb.Table.return_value.put_item.side_effect = ClientError(
{'Error': {
'Code': 'xxxx'
}}, 'operation_name')
UserUtil.add_external_provider_user_info(
self.dynamodb, 'external_provider_user_id', 'password', 'iv',
'email')
def testRegisteringTwice(self):
response = UserUtil.register_user(self.testapp, '*****@*****.**', 'password')
self.assertEqual(response.status_int, constants.STATUS_OK,
'Wrong response with correct credentials: ' + str(response.status_int))
response = UserUtil.register_user(self.testapp, '*****@*****.**', 'password')
self.assertEqual(response.status_int, constants.STATUS_BAD_REQUEST,
'Wrong response for second registration: ' + str(response.status_int))
response = UserUtil.register_user(self.testapp, '*****@*****.**', 'password')
self.assertEqual(response.status_int, constants.STATUS_BAD_REQUEST,
'System is case sensitive for emails: ' + str(response.status_int))
def test_get_private_eth_address_ng_not_exists_private_eth_address(self):
with self.assertRaises(RecordNotFoundError) as e:
self.cognito.admin_get_user = MagicMock(return_value={
'UserAttributes': [{
'Name': 'hoge',
'Value': 'piyo'
}]
})
UserUtil.get_private_eth_address(self.cognito, 'test')
self.assertEqual(e.exception.args[0],
'Record Not Found: private_eth_address')
def validate_params(self):
UserUtil.verified_phone_and_email(self.event)
# single
if self.event.get('pathParameters') is None:
raise ValidationError('pathParameters is required')
validate(self.event.get('pathParameters'), self.get_schema())
# relation
DBUtil.validate_article_existence(
self.dynamodb,
self.event['pathParameters']['article_id'],
status='public')
def test_create_external_provider_user_ng(self):
with self.assertRaises(ClientError):
self.cognito.admin_create_user = MagicMock(
side_effect=ClientError({'Error': {
'Code': 'xxxxxx'
}}, 'operation_name'))
UserUtil.create_external_provider_user(self.cognito,
'user_pool_id',
'user_pool_app_id',
'user_id', 'mail', 'pass',
'pass', 'twitter')
def test_verified_phone_and_email_ng_not_exist_email(self):
event = {
'requestContext': {
'authorizer': {
'claims': {
'phone_number_verified': 'true'
}
}
}
}
with self.assertRaises(NotVerifiedUserError):
UserUtil.verified_phone_and_email(event)
def validate_params(self):
UserUtil.verified_phone_and_email(self.event)
if not self.event.get('pathParameters'):
raise ValidationError('pathParameters is required')
if not self.event.get('body') or not json.loads(
self.event.get('body')):
raise ValidationError('Request parameter is required')
validate(self.params,
self.get_schema(),
format_checker=FormatChecker())
def validate_params(self):
UserUtil.verified_phone_and_email(self.event)
if not self.event.get('body'):
raise ValidationError('Request parameter is required')
validate(self.params, self.get_schema())
DBUtil.validate_write_blacklisted(
self.dynamodb, self.event['requestContext']['authorizer']['claims']
['cognito:username'])
DBUtil.validate_article_existence(self.dynamodb,
self.params['article_id'],
status='public')
def test_verified_phone_and_email_ng_all_params_false(self):
event = {
'requestContext': {
'authorizer': {
'claims': {
'phone_number_verified': 'false',
'email_verified': 'false'
}
}
}
}
with self.assertRaises(NotVerifiedUserError):
UserUtil.verified_phone_and_email(event)
def validate_params(self):
UserUtil.verified_phone_and_email(self.event)
# send_value について数値でのチェックを行うため、int に変換
try:
self.params['send_value'] = int(self.params['send_value'])
except ValueError:
raise ValidationError('send_value must be numeric')
# pinコードを検証
self.__validate_pin_code(self.params['access_token'],
self.params['pin_code'])
validate(self.params, self.get_schema())
def validate_params(self):
UserUtil.verified_phone_and_email(self.event)
if self.event['requestContext']['authorizer']['claims'].get(
'custom:private_eth_address') is None:
raise ValidationError('not exists private_eth_address')
# single
if self.event.get('pathParameters') is None:
raise ValidationError('pathParameters is required')
validate(self.event.get('pathParameters'), self.get_schema())
# relation
DBUtil.validate_article_existence(
self.dynamodb,
self.event['pathParameters']['article_id'],
status='public')
def testLoginFailWithoutVerification(self):
email = '*****@*****.**'
password = '******'
response = UserUtil.login_user(self.testapp, email, password)
self.assertEqual(response.status_int, constants.STATUS_BAD_REQUEST,
'Login succeeded with empty db: ' + str(response.status_int))
response = UserUtil.register_user(self.testapp, email, password)
self.assertEqual(response.status_int, constants.STATUS_OK,
'Register failed with correct credentials: ' + str(response.status_int))
response = UserUtil.login_user(self.testapp, email, 'password2')
self.assertEqual(response.status_int, constants.STATUS_BAD_REQUEST,
'Login succeeded with bad password: '******'*****@*****.**', password)
self.assertEqual(response.status_int, constants.STATUS_BAD_REQUEST,
'Login succeeded with bad email: ' + str(response.status_int))
def validate_params(self):
UserUtil.verified_phone_and_email(self.event)
# single
# params
validate(self.params, self.get_schema())
self.validate_image_data(self.params['article_image'])
# headers
validate(self.event.get('headers'), self.get_headers_schema())
# relation
DBUtil.validate_article_existence(
self.dynamodb,
self.event['pathParameters']['article_id'],
user_id=self.event['requestContext']['authorizer']['claims']
['cognito:username'])
def test_add_user_profile_ok(self):
self.dynamodb.Table = MagicMock()
self.dynamodb.Table.return_value.put_item.return_value = True
response = UserUtil.add_user_profile(self.dynamodb, 'user_id',
'display_name')
self.assertEqual(response, None)
def test_add_external_provider_user_info_ok(self):
self.dynamodb.Table = MagicMock()
self.dynamodb.Table.return_value.put_item.return_value = True
response = UserUtil.add_external_provider_user_info(
self.dynamodb, 'external_provider_user_id', 'password', 'iv',
'email')
self.assertEqual(response, None)
def validate_params(self):
UserUtil.verified_phone_and_email(self.event)
validate(self.params,
self.get_schema(),
format_checker=FormatChecker())
self.__validate_reporting_myself()
# 著作権侵害の場合はオリジナル記事のURLを必須とする
if self.params['reason'] == 'copyright_violation':
if not self.params['origin_url']:
raise ValidationError('origin url is required')
DBUtil.validate_user_existence(self.dynamodb,
self.event['pathParameters']['user_id'])
def testLoginSuccess(self):
email = '*****@*****.**'
password = '******'
# 1. Register client
response = UserUtil.register_user(self.testapp, email, password)
self.assertEqual(response.status_int, constants.STATUS_OK,
'Register failed with correct credentials: ' + str(response.status_int))
# 2. Access test site - error should arrive
response = self.testapp.get('/', expect_errors=True)
self.assertEqual(response.status_int, constants.STATUS_UNAUTHORIZED,
'Users only page should be served after logging in: ' + str(response.status_int))
# 3. Try to login -> Verification needed first
response = UserUtil.login_user(self.testapp, email, password)
self.assertEqual(response.status_int, constants.STATUS_FORBIDDEN,
'Server should answer 403 for unverified client: ' + str(response.status_int))
# 4. Verify
response = UserUtil.verify_user(self.testapp, self.mail_stub, email)
self.assertEqual(response.status_int, constants.STATUS_OK, 'Verification failed: ' + str(response.status_int))
# 5. Access test site should succeed after verification
response = self.testapp.get('/', expect_errors=True)
self.assertEqual(response.status_int, constants.STATUS_OK,
'Users only page should be served after logging in: ' + str(response.status_int))
# 6. Check login
session = get_current_session()
self.assertEqual(session.get(constants.VAR_NAME_EMAIL), email, 'User email is not correct in session variable: ' + str(
session.get(constants.VAR_NAME_EMAIL)))
self.assertIsNotNone(session.get(constants.SESSION_ID), 'SessionId is none')
# 7. Access test site
response = self.testapp.get('/', expect_errors=True)
self.assertEqual(response.status_int, constants.STATUS_OK,
'Users only page should be served after logging in: ' + str(response.status_int))
# 8. Logout
response = UserUtil.logout(self.testapp)
self.assertEqual(response.status_int, constants.STATUS_OK, 'Logout failed: ' + str(response.status_int))
# 9. SH-26 regression
response = UserUtil.logout(self.testapp)
self.assertEqual(response.status_int, constants.STATUS_OK, 'Logout failed: ' + str(response.status_int))
def testLoginFailWithVerification(self):
email = '*****@*****.**'
password = '******'
# 1. Register client
response = UserUtil.login_user(self.testapp, email, password)
self.assertEqual(response.status_int, constants.STATUS_BAD_REQUEST,
'Login succeeded with empty db: ' + str(response.status_int))
response = UserUtil.register_user(self.testapp, email, password)
self.assertEqual(response.status_int, constants.STATUS_OK,
'Register failed with correct credentials: ' + str(response.status_int))
# 2. Verify client
response = UserUtil.verify_user(self.testapp, self.mail_stub, email)
self.assertEqual(response.status_int, constants.STATUS_OK, 'Verification failed: ' + str(response.status_int))
# 3. Logout
response = UserUtil.logout(self.testapp)
self.assertEqual(response.status_int, constants.STATUS_OK, 'Logout failed: ' + str(response.status_int))
# 4. Login with bad credentials
response = UserUtil.login_user(self.testapp, email, 'password2')
self.assertEqual(response.status_int, constants.STATUS_BAD_REQUEST, 'Login succeeded with bad password.')
response = UserUtil.login_user(self.testapp, email, '')
self.assertEqual(response.status_int, constants.STATUS_BAD_REQUEST, 'Login succeeded with empty password.')
response = UserUtil.login_user(self.testapp, '*****@*****.**', password)
self.assertEqual(response.status_int, constants.STATUS_BAD_REQUEST, 'Login succeeded with bad email.')
def testRegisterHandlerBadPassword(self):
email = '*****@*****.**'
password = '******'
response = UserUtil.register_user(self.testapp, email, password)
self.assertEqual(response.status_int, constants.STATUS_BAD_REQUEST,
'Code constants.STATUS_BAD_REQUEST should arrive when calling with invalid characters in password: '******' ' + str(response.status_int))
password = '******'
response = UserUtil.register_user(self.testapp, email, password)
self.assertEqual(response.status_int, constants.STATUS_BAD_REQUEST,
'Code constants.STATUS_BAD_REQUEST should arrive when calling with invalid characters in password: '******' ' + str(response.status_int))
password = "******"
response = UserUtil.register_user(self.testapp, email, password)
self.assertEqual(response.status_int, constants.STATUS_BAD_REQUEST,
'Code constants.STATUS_BAD_REQUEST should arrive when calling with invalid characters in password: '******' ' + str(response.status_int))
password = "******"
response = UserUtil.register_user(self.testapp, email, password)
self.assertEqual(response.status_int, constants.STATUS_BAD_REQUEST,
'Code constants.STATUS_BAD_REQUEST should arrive when calling with invalid characters in password: '******' ' + str(response.status_int))
def testPersistentCookie(self):
email = '*****@*****.**'
password = '******'
# 1. Register client
response = UserUtil.register_user(self.testapp, email, password)
self.assertEqual(response.status_int, constants.STATUS_OK,
'Register failed with correct credentials: ' + str(response.status_int))
# 2. Verify client
response = UserUtil.verify_user(self.testapp, self.mail_stub, email)
self.assertEqual(response.status_int, constants.STATUS_OK, 'Verification failed: ' + str(response.status_int))
# 3. Login with remember me turned off
response = UserUtil.login_user(self.testapp, email, password)
self.assertEqual(response.status_int, constants.STATUS_OK,
'Login failed with verified client: ' + str(response.status_int))
# 4. Acessing secure content (after login and after deleting session data)
response = self.testapp.get('/', expect_errors=True)
self.assertEqual(response.status_int, constants.STATUS_OK,
'Users only page should be served after logging in: ' + str(response.status_int))
session = get_current_session()
session.terminate()
response = self.testapp.get('/', expect_errors=True)
self.assertEqual(response.status_int, constants.STATUS_UNAUTHORIZED,
'Users only page should not be served without providing session data: ' + str(response.status_int))
# 5. Login with remember me turned on
response = UserUtil.login_user(self.testapp, email, password, True)
self.assertEqual(response.status_int, constants.STATUS_OK,
'Login failed with verified client: ' + str(response.status_int))
# 6. Acessing secure content (after login and after deleting session data)
response = self.testapp.get('/', expect_errors=True)
self.assertEqual(response.status_int, constants.STATUS_OK,
'Users only page should be served after logging in: ' + str(response.status_int))
session = get_current_session()
session.terminate()
response = self.testapp.get('/', expect_errors=True)
self.assertEqual(response.status_int, constants.STATUS_OK,
'Users only page should be served after logging in: ' + str(response.status_int))
# Test next login
session = get_current_session()
session.terminate()
response = self.testapp.get('/', expect_errors=True)
self.assertEqual(response.status_int, constants.STATUS_OK,
'Users only page should be served after logging in: ' + str(response.status_int))
# 7. Try to access secure content with modified token
response = self.testapp.get('/', expect_errors=True, headers=dict(Cookie='token='))
self.assertEqual(response.status_int, constants.STATUS_OK,
'Users only page should be served after logging in: ' + str(response.status_int))
# 8. Logout
response = UserUtil.logout(self.testapp)
self.assertEqual(response.status_int, constants.STATUS_OK, 'Logout failed: ' + str(response.status_int))
# 9. Check logout
response = self.testapp.get('/', expect_errors=True)
self.assertEqual(response.status_int, constants.STATUS_UNAUTHORIZED,
'Users only page should not be served after logout: ' + str(response.status_int))
def testRegisterHandlerEmpty(self):
response = UserUtil.register_user(self.testapp)
self.assertEqual(response.status_int, constants.STATUS_BAD_REQUEST,
'Code constants.STATUS_BAD_REQUEST should arrive when calling without parameters: ' + str(response.status_int))
