diff --git a/lib/api/main.go b/lib/api/main.go index 903344d..e312c61 100644 --- a/lib/api/main.go +++ b/lib/api/main.go @@ -2,8 +2,10 @@ package api import ( "encoding/json" + "io" "net/http" + log "github.com/Sirupsen/logrus" // TODO-Bad "goji.io" "golang.org/x/net/context" @@ -59,3 +61,17 @@ func SessionHandler(h Handle) goji.HandlerFunc { JSONOutput(ctx, w, r, data, err) } } + +//JSONDecoder handle complete request of JSON +func JSONDecoder(r io.Reader, data interface{}, w http.ResponseWriter, logger *log.Entry) (returnerr *ErrorResult) { + err := json.NewDecoder(r).Decode(data) + if err != nil { + logger.Error("fetch request") + returnerr = &ErrorResult{ + Message: "Internal Request Error", + } + w.WriteHeader(http.StatusBadRequest) + return + } + return nil +} diff --git a/modul/host/api.go b/modul/host/api.go index 6f8b8b7..cba9169 100644 --- a/modul/host/api.go +++ b/modul/host/api.go @@ -30,7 +30,9 @@ func BindAPI(db *gorm.DB, router *goji.Mux, prefix string) { router.HandleFuncC(pat.Delete(prefix+"/delete"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(delete)))) router.HandleFuncC(pat.Get(prefix+"/profil"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(profil)))) router.HandleFuncC(pat.Get(prefix+"/domain"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(domainList)))) + router.HandleFuncC(pat.Post(prefix+"/domain"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(domainAdd)))) router.HandleFuncC(pat.Get(prefix+"/database"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(databaseList)))) + router.HandleFuncC(pat.Post(prefix+"/database"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(databaseAdd)))) } func checkSignup(ctx context.Context, w http.ResponseWriter, r *http.Request) (returndata interface{}, returnerr *libapi.ErrorResult) { diff --git a/modul/host/api_test.go b/modul/host/api_test.go index fa76a36..4edabed 100644 --- a/modul/host/api_test.go +++ b/modul/host/api_test.go @@ -76,6 +76,10 @@ func TestAPI(t *testing.T) { assertion.Equal(w.StatusCode, http.StatusOK) assertion.Equal(result.Data, true) + result, w = session.JSONRequest("DELETE", "/host/delete", nil) + assertion.Equal(w.StatusCode, http.StatusOK) + assertion.Equal(result.Data, false) + /* * TEST profil */ @@ -98,32 +102,4 @@ func TestAPI(t *testing.T) { result, w = session.JSONRequest("GET", "/host/profil", nil) assertion.Equal(w.StatusCode, http.StatusOK) assertion.NotEqual(result.Data, false) - - /* - * TEST domainList - */ - session.Clean() - result, w = session.JSONRequest("GET", "/host/domain", nil) - assertion.Equal(w.StatusCode, http.StatusUnauthorized) - assertion.Equal(result.Data, false) - - loginTest(session, assertion) - - result, w = session.JSONRequest("GET", "/host/domain", nil) - assertion.Equal(w.StatusCode, http.StatusOK) - assertion.NotEqual(result.Data, false) - - /* - * TEST databaseList - */ - session.Clean() - result, w = session.JSONRequest("GET", "/host/database", nil) - assertion.Equal(w.StatusCode, http.StatusUnauthorized) - assertion.Equal(result.Data, false) - - loginTest(session, assertion) - - result, w = session.JSONRequest("GET", "/host/database", nil) - assertion.Equal(w.StatusCode, http.StatusOK) - assertion.NotEqual(result.Data, false) } diff --git a/modul/host/apidatabase.go b/modul/host/apidatabase.go new file mode 100644 index 0000000..6681986 --- /dev/null +++ b/modul/host/apidatabase.go @@ -0,0 +1,48 @@ +package host + +import ( + "net/http" + + "golang.org/x/net/context" + + libapi "dev.sum7.eu/sum7/warehost/lib/api" +) + +func databaseList(ctx context.Context, w http.ResponseWriter, r *http.Request) (returndata interface{}, returnerr *libapi.ErrorResult) { + profil := ctx.Value("profil").(*Profil) + returndata = false + logger := log.GetLog(r, "databaselist") + var database []*Database + dbconnection.Where("profil = ?", profil.ID).Find(&database) + logger.Info("done") + returndata = database + return +} + +func databaseAdd(ctx context.Context, w http.ResponseWriter, r *http.Request) (returndata interface{}, returnerr *libapi.ErrorResult) { + profil := ctx.Value("profil").(*Profil) + returndata = false + logger := log.GetLog(r, "databaseadd") + + var databaseRequest Database + returnerr = libapi.JSONDecoder(r.Body, &databaseRequest, w, logger) + if returnerr != nil { + return + } + + database := &Database{ + ProfilID: profil.ID, + Password: databaseRequest.Password, + Comment: databaseRequest.Comment, + } + + if err := dbconnection.Create(database).Error; err != nil { + logger.Error("database: during create host database: ", err) + w.WriteHeader(http.StatusInternalServerError) + returnerr = &libapi.ErrorResult{Message: "Internal Database Error with Database"} + return + } + returndata = true + logger.Info("done") + return +} diff --git a/modul/host/apidatabase_test.go b/modul/host/apidatabase_test.go new file mode 100644 index 0000000..7c51d7f --- /dev/null +++ b/modul/host/apidatabase_test.go @@ -0,0 +1,59 @@ +package host + +import ( + "net/http" + "testing" + + "dev.sum7.eu/sum7/warehost/system" + "dev.sum7.eu/sum7/warehost/test" +) + +func TestAPIDatabase(t *testing.T) { + + assertion, db, router := test.Init(t) + defer db.Close() + + //load system Models to database + system.SyncModels(db) + db.Unscoped().Delete(Profil{}) + SyncModels(db) + + // Bind API + system.BindAPI(db, router, "") + BindAPI(db, router, "/host") + session := test.NewSession(router) + + loginTest(session, assertion) + + result, w := session.JSONRequest("DELETE", "/host/delete", nil) + assertion.Equal(w.StatusCode, http.StatusOK) + + // Need a Profile for Next tests + result, w = session.JSONRequest("POST", "/host/signup", nil) + assertion.Equal(w.StatusCode, http.StatusOK) + assertion.Equal(result.Data, true) + + /* + * TEST databaseList + */ + session.Clean() + result, w = session.JSONRequest("GET", "/host/database", nil) + assertion.Equal(w.StatusCode, http.StatusUnauthorized) + assertion.Equal(result.Data, false) + + loginTest(session, assertion) + + result, w = session.JSONRequest("GET", "/host/database", nil) + assertion.Equal(w.StatusCode, http.StatusOK) + assertion.NotEqual(result.Data, false) + + /* + * TEST databaseAdd + */ + result, w = session.JSONRequest("POST", "/host/database", Database{ + Password: "example.de", + Comment: "test", + }) + assertion.Equal(w.StatusCode, http.StatusOK) + assertion.NotEqual(result.Data, false) +} diff --git a/modul/host/apidomain.go b/modul/host/apidomain.go index 7c33814..139235b 100644 --- a/modul/host/apidomain.go +++ b/modul/host/apidomain.go @@ -19,13 +19,31 @@ func domainList(ctx context.Context, w http.ResponseWriter, r *http.Request) (re return } -func databaseList(ctx context.Context, w http.ResponseWriter, r *http.Request) (returndata interface{}, returnerr *libapi.ErrorResult) { +func domainAdd(ctx context.Context, w http.ResponseWriter, r *http.Request) (returndata interface{}, returnerr *libapi.ErrorResult) { profil := ctx.Value("profil").(*Profil) returndata = false - logger := log.GetLog(r, "databaselist") - var database []*Database - dbconnection.Where("profil = ?", profil.ID).Find(&database) + logger := log.GetLog(r, "domainadd") + + var domainRequest Domain + returnerr = libapi.JSONDecoder(r.Body, &domainRequest, w, logger) + if returnerr != nil { + return + } + + domain := &Domain{ + ProfilID: profil.ID, + FQDN: domainRequest.FQDN, + Mail: domainRequest.Mail, + Web: domainRequest.Web, + } + + if err := dbconnection.Create(domain).Error; err != nil { + logger.Error("database: during create host domain: ", err) + w.WriteHeader(http.StatusInternalServerError) + returnerr = &libapi.ErrorResult{Message: "Internal Database Error with Database"} + return + } + returndata = true logger.Info("done") - returndata = database return } diff --git a/modul/host/apidomain_test.go b/modul/host/apidomain_test.go new file mode 100644 index 0000000..c7a6c80 --- /dev/null +++ b/modul/host/apidomain_test.go @@ -0,0 +1,62 @@ +package host + +import ( + "net/http" + "testing" + + "dev.sum7.eu/sum7/warehost/system" + "dev.sum7.eu/sum7/warehost/test" +) + +func TestAPIDomain(t *testing.T) { + + assertion, db, router := test.Init(t) + defer db.Close() + + //load system Models to database + system.SyncModels(db) + db.Unscoped().Delete(Profil{}) + SyncModels(db) + + // Bind API + system.BindAPI(db, router, "") + BindAPI(db, router, "/host") + session := test.NewSession(router) + + loginTest(session, assertion) + + result, w := session.JSONRequest("DELETE", "/host/delete", nil) + assertion.Equal(w.StatusCode, http.StatusOK) + + // Need a Profile for Next tests + result, w = session.JSONRequest("POST", "/host/signup", nil) + assertion.Equal(w.StatusCode, http.StatusOK) + assertion.Equal(result.Data, true) + + /* + * TEST domainList + */ + session.Clean() + result, w = session.JSONRequest("GET", "/host/domain", nil) + assertion.Equal(w.StatusCode, http.StatusUnauthorized) + assertion.Equal(result.Data, false) + + loginTest(session, assertion) + + result, w = session.JSONRequest("GET", "/host/domain", nil) + assertion.Equal(w.StatusCode, http.StatusOK) + assertion.NotEqual(result.Data, false) + + /* + * TEST domainAdd + */ + result, w = session.JSONRequest("POST", "/host/domain", Domain{ + FQDN: "example.de", + }) + assertion.Equal(w.StatusCode, http.StatusOK) + assertion.NotEqual(result.Data, false) + + result, w = session.JSONRequest("POST", "/host/domain", []byte{2, 3}) + assertion.Equal(w.StatusCode, http.StatusBadRequest) + assertion.Equal(result.Data, false) +} diff --git a/modul/web/api.go b/modul/web/api.go index f22e28d..edd5164 100644 --- a/modul/web/api.go +++ b/modul/web/api.go @@ -1,7 +1,6 @@ package web import ( - "encoding/json" "net/http" "github.com/jinzhu/gorm" @@ -28,7 +27,7 @@ func BindAPI(db *gorm.DB, router *goji.Mux, prefix string) { router.HandleFuncC(pat.Get(prefix+"/involve"), libapi.SessionHandler(libsystem.LoginHandler(involve))) router.HandleFuncC(pat.Post(prefix+"/website"), libapi.SessionHandler(libsystem.LoginHandler(websiteAdd))) - router.HandleFuncC(pat.Put(prefix+"/website/:websiteid"), libapi.SessionHandler(libsystem.LoginHandler(InvolveWebsiteHandler(websiteEdit)))) + router.HandleFuncC(pat.Patch(prefix+"/website/:websiteid"), libapi.SessionHandler(libsystem.LoginHandler(InvolveWebsiteHandler(websiteEdit)))) router.HandleFuncC(pat.Delete(prefix+"/website/:websiteid"), libapi.SessionHandler(libsystem.LoginHandler(InvolveWebsiteHandler(websiteDelete)))) router.HandleFuncC(pat.Get(prefix+"/website/:websiteid/permission"), libapi.SessionHandler(libsystem.LoginHandler(InvolveWebsiteHandler(permissionList)))) router.HandleFuncC(pat.Post(prefix+"/website/:websiteid/permission/:loginid"), libapi.SessionHandler(libsystem.LoginHandler(InvolveWebsiteHandler(permissionAdd)))) @@ -39,11 +38,11 @@ func BindAPI(db *gorm.DB, router *goji.Mux, prefix string) { router.HandleFuncC(pat.Get(prefix+"/website/:websiteid/menu"), libapi.SessionHandler(libsystem.LoginHandler(InvolveWebsiteHandler(menuTree)))) router.HandleFuncC(pat.Get(prefix+"/website/:websiteid/menu/list"), libapi.SessionHandler(libsystem.LoginHandler(InvolveWebsiteHandler(menuList)))) router.HandleFuncC(pat.Post(prefix+"/website/:websiteid/menu"), libapi.SessionHandler(libsystem.LoginHandler(InvolveWebsiteHandler(menuAdd)))) - router.HandleFuncC(pat.Put(prefix+"/website/:websiteid/menu/:menuid"), libapi.SessionHandler(libsystem.LoginHandler(InvolveWebsiteHandler(menuEdit)))) + router.HandleFuncC(pat.Patch(prefix+"/website/:websiteid/menu/:menuid"), libapi.SessionHandler(libsystem.LoginHandler(InvolveWebsiteHandler(menuEdit)))) router.HandleFuncC(pat.Delete(prefix+"/website/:websiteid/menu/:menuid"), libapi.SessionHandler(libsystem.LoginHandler(InvolveWebsiteHandler(menuDelete)))) router.HandleFuncC(pat.Get(prefix+"/website/:websiteid/page"), libapi.SessionHandler(libsystem.LoginHandler(InvolveWebsiteHandler(pageList)))) router.HandleFuncC(pat.Post(prefix+"/website/:websiteid/page"), libapi.SessionHandler(libsystem.LoginHandler(InvolveWebsiteHandler(pageAdd)))) - router.HandleFuncC(pat.Put(prefix+"/website/:websiteid/page/:pageid"), libapi.SessionHandler(libsystem.LoginHandler(InvolveWebsiteHandler(pageEdit)))) + router.HandleFuncC(pat.Patch(prefix+"/website/:websiteid/page/:pageid"), libapi.SessionHandler(libsystem.LoginHandler(InvolveWebsiteHandler(pageEdit)))) router.HandleFuncC(pat.Delete(prefix+"/website/:websiteid/page/:pageid"), libapi.SessionHandler(libsystem.LoginHandler(InvolveWebsiteHandler(pageDelete)))) } @@ -66,12 +65,9 @@ func websiteAdd(ctx context.Context, w http.ResponseWriter, r *http.Request) (re logger := log.GetLog(r, "websiteadd") tx := dbconnection.Begin() var websiteRequest Website - err := json.NewDecoder(r.Body).Decode(&websiteRequest) - if err != nil { + returnerr = libapi.JSONDecoder(r.Body, &websiteRequest, w, logger) + if returnerr != nil { tx.Rollback() - logger.Error("fetch request") - http.Error(w, err.Error(), http.StatusInternalServerError) - returnerr = &libapi.ErrorResult{Message: "Internal Request Error"} return } website := &Website{Name: websiteRequest.Name} @@ -100,13 +96,11 @@ func websiteEdit(ctx context.Context, w http.ResponseWriter, r *http.Request) (r returndata = false logger := log.GetLog(r, "websiteedit") var websiteRequest Website - err := json.NewDecoder(r.Body).Decode(&websiteRequest) - if err != nil { - logger.Error("fetch request") - http.Error(w, err.Error(), http.StatusInternalServerError) - returnerr = &libapi.ErrorResult{Message: "Internal Request Error"} + returnerr = libapi.JSONDecoder(r.Body, &websiteRequest, w, logger) + if returnerr != nil { return } + websiteRequest.ID = ctx.Value("websiteid").(int64) if err := dbconnection.Save(websiteRequest).Error; err != nil { logger.Error("Database: during edit Website") diff --git a/modul/web/apimenu.go b/modul/web/apimenu.go index 1c0dd35..4fb4166 100644 --- a/modul/web/apimenu.go +++ b/modul/web/apimenu.go @@ -1,7 +1,6 @@ package web import ( - "encoding/json" "net/http" "strconv" @@ -38,13 +37,8 @@ func menuAdd(ctx context.Context, w http.ResponseWriter, r *http.Request) (retur returndata = false logger := log.GetLog(r, "menuadd") var menuEntry Menu - err := json.NewDecoder(r.Body).Decode(&menuEntry) - if err != nil { - logger.Error("fetch request") - http.Error(w, err.Error(), http.StatusInternalServerError) - returnerr = &libapi.ErrorResult{ - Message: "Internal Request Error", - } + returnerr = libapi.JSONDecoder(r.Body, &menuEntry, w, logger) + if returnerr != nil { return } @@ -72,13 +66,8 @@ func menuEdit(ctx context.Context, w http.ResponseWriter, r *http.Request) (retu return } logger = logger.WithField("id", menuid) - err = json.NewDecoder(r.Body).Decode(&menuEntry) - if err != nil { - logger.Error("fetch request") - http.Error(w, err.Error(), http.StatusInternalServerError) - returnerr = &libapi.ErrorResult{ - Message: "Internal Request Error", - } + returnerr = libapi.JSONDecoder(r.Body, &menuEntry, w, logger) + if returnerr != nil { return } menuEntry.WebsiteID = ctx.Value("websiteid").(int64) diff --git a/modul/web/apipage.go b/modul/web/apipage.go index f7e7b6b..98ee090 100644 --- a/modul/web/apipage.go +++ b/modul/web/apipage.go @@ -1,7 +1,6 @@ package web import ( - "encoding/json" "net/http" "strconv" @@ -27,13 +26,8 @@ func pageAdd(ctx context.Context, w http.ResponseWriter, r *http.Request) (retur returndata = false logger := log.GetLog(r, "pageadd") var page Page - err := json.NewDecoder(r.Body).Decode(&page) - if err != nil { - logger.Error("fetch request") - http.Error(w, err.Error(), http.StatusInternalServerError) - returnerr = &libapi.ErrorResult{ - Message: "Internal Request Error", - } + returnerr = libapi.JSONDecoder(r.Body, &page, w, logger) + if returnerr != nil { return } @@ -65,13 +59,8 @@ func pageEdit(ctx context.Context, w http.ResponseWriter, r *http.Request) (retu return } logger = logger.WithField("id", pageid) - err = json.NewDecoder(r.Body).Decode(&page) - if err != nil { - logger.Error("fetch request") - http.Error(w, err.Error(), http.StatusInternalServerError) - returnerr = &libapi.ErrorResult{ - Message: "Internal Request Error", - } + returnerr = libapi.JSONDecoder(r.Body, &page, w, logger) + if returnerr != nil { return } page.WebsiteID = ctx.Value("websiteid").(int64) diff --git a/system/api.go b/system/api.go index 2387415..cb0aab6 100644 --- a/system/api.go +++ b/system/api.go @@ -1,7 +1,6 @@ package system import ( - "encoding/json" "net/http" "strconv" "strings" @@ -38,10 +37,10 @@ func BindAPI(db *gorm.DB, router *goji.Mux, prefix string) { router.HandleFuncC(pat.Post(prefix+"/invite"), libapi.SessionHandler(LoginHandler(inviteAdd))) router.HandleFuncC(pat.Get(prefix+"/user"), libapi.SessionHandler(LoginHandler(loginList))) router.HandleFuncC(pat.Post(prefix+"/user"), libapi.SessionHandler(LoginHandler(loginAdd))) - router.HandleFuncC(pat.Put(prefix+"/user/:id"), libapi.SessionHandler(LoginHandler(loginEdit))) + router.HandleFuncC(pat.Patch(prefix+"/user/:id"), libapi.SessionHandler(LoginHandler(loginEdit))) router.HandleFuncC(pat.Delete(prefix+"/user/:id"), libapi.SessionHandler(LoginHandler(loginDelete))) router.HandleFuncC(pat.Get(prefix+"/invitor"), libapi.SessionHandler(LoginHandler(invitor))) - router.HandleFuncC(pat.Put(prefix+"/invitor"), libapi.SessionHandler(LoginHandler(invitorAdminToggle))) + router.HandleFuncC(pat.Patch(prefix+"/invitor"), libapi.SessionHandler(LoginHandler(invitorAdminToggle))) } // Status to get Login and Server status @@ -79,12 +78,11 @@ func login(ctx context.Context, w http.ResponseWriter, r *http.Request) (returnd returndata = false logger := log.GetLog(r, "login") var requestlogin RequestLogin - err := json.NewDecoder(r.Body).Decode(&requestlogin) - if err != nil { - logger.Error("fetch request") - http.Error(w, err.Error(), http.StatusBadRequest) + returnerr = libapi.JSONDecoder(r.Body, &requestlogin, w, logger) + if returnerr != nil { return } + logger = logger.WithField("user", requestlogin.Username) var login = Login{Username: requestlogin.Username} dbconnection.Where("mail = ?", requestlogin.Username).First(&login) @@ -119,12 +117,11 @@ func password(ctx context.Context, w http.ResponseWriter, r *http.Request) (retu logger := log.GetLog(r, "password") var changePasswordRequest ChangePasswordRequest - err := json.NewDecoder(r.Body).Decode(&changePasswordRequest) - if err != nil { - logger.Error("fetch request") - http.Error(w, err.Error(), http.StatusBadRequest) + returnerr = libapi.JSONDecoder(r.Body, &changePasswordRequest, w, logger) + if returnerr != nil { return } + output, _ := libpassword.Validate(login.Password, changePasswordRequest.CurrentPassword) if !output { logger.Warn("wrong current password") @@ -187,12 +184,11 @@ func inviteAdd(ctx context.Context, w http.ResponseWriter, r *http.Request) (ret returndata = false logger := log.GetLog(r, "inviteadd") var newLogin RequestLogin - err := json.NewDecoder(r.Body).Decode(&newLogin) - if err != nil { - logger.Error("fetch request") - http.Error(w, err.Error(), http.StatusBadRequest) + returnerr = libapi.JSONDecoder(r.Body, &newLogin, w, logger) + if returnerr != nil { return } + invite := &Invite{ Login: *login, Invited: Login{ @@ -242,17 +238,17 @@ func loginAdd(ctx context.Context, w http.ResponseWriter, r *http.Request) (retu return } var newLogin RequestLogin - err := json.NewDecoder(r.Body).Decode(&newLogin) - if err != nil { - logger.Error("fetch request") - http.Error(w, err.Error(), http.StatusBadRequest) + returnerr = libapi.JSONDecoder(r.Body, &newLogin, w, logger) + if returnerr != nil { return } + loginObj := Login{ Username: strings.ToLower(newLogin.Username), Password: libpassword.NewHash(newLogin.Password), Active: true, } + if err := dbconnection.Create(loginObj).Error; err != nil { logger.Warn("error create login") returnerr = &libapi.ErrorResult{Message: "Username exists already"} @@ -277,10 +273,8 @@ func loginEdit(ctx context.Context, w http.ResponseWriter, r *http.Request) (ret logger = logger.WithField("id", id) var invitedLogin = Login{ID: id} var changeLogin RequestLogin - err = json.NewDecoder(r.Body).Decode(&changeLogin) - if err != nil { - logger.Error("fetch request") - http.Error(w, err.Error(), http.StatusBadRequest) + returnerr = libapi.JSONDecoder(r.Body, &changeLogin, w, logger) + if returnerr != nil { return } diff --git a/system/api_test.go b/system/api_test.go index 88ac564..a737ed5 100644 --- a/system/api_test.go +++ b/system/api_test.go @@ -63,15 +63,15 @@ func TestAPI(t *testing.T) { // Test if crash on if not login in result, w = session.JSONRequest("GET", "/logout", nil) - assertion.Equal(w.StatusCode, http.StatusOK) + assertion.Equal(w.StatusCode, http.StatusUnauthorized) assertion.Equal(result.Data, false) /* * TEST password */ - + session.Clean() result, w = session.JSONRequest("POST", "/password", ChangePasswordRequest{CurrentPassword: "root", NewPassword: "root-bug"}) - assertion.Equal(w.StatusCode, http.StatusOK) + assertion.Equal(w.StatusCode, http.StatusUnauthorized) assertion.Equal(result.Data, false) //login before @@ -103,7 +103,7 @@ func TestAPI(t *testing.T) { */ session.Clean() result, w = session.JSONRequest("GET", "/invite", nil) - assertion.Equal(w.StatusCode, http.StatusOK) + assertion.Equal(w.StatusCode, http.StatusUnauthorized) assertion.Equal(result.Data, false) //login before @@ -117,7 +117,7 @@ func TestAPI(t *testing.T) { */ session.Clean() result, w = session.JSONRequest("GET", "/user", nil) - assertion.Equal(w.StatusCode, http.StatusOK) + assertion.Equal(w.StatusCode, http.StatusUnauthorized) assertion.Equal(result.Data, false) //login before