Colección de endpoints para la API de gestión de blacklist de emails
\n","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","toc":[],"owner":"34079512","collectionId":"4d5a9a26-832d-4f8e-a972-1a2c7e9e0bd3","publishedId":"2sBXqNkxz8","public":true,"customColor":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"FF6C37"},"publishDate":"2026-05-08T23:30:44.000Z"},"item":[{"name":"1. Generar Token JWT","event":[{"listen":"test","script":{"exec":["pm.test('Status 200', function () {"," pm.response.to.have.status(200);","});","","pm.test('La respuesta es JSON válido', function () {"," pm.expect(() => pm.response.json()).to.not.throw();","});","","const jsonData = pm.response.json();","","pm.test('Existe access_token', function () {"," pm.expect(jsonData).to.have.property('access_token');"," pm.expect(jsonData.access_token).to.be.a('string').and.not.empty;","});","","pm.collectionVariables.set('token', jsonData.access_token);"],"type":"text/javascript","packages":{},"requests":{},"id":"9d591b32-7bfd-4764-b41c-f858cf0ceb34"}},{"listen":"prerequest","script":{"exec":[""],"type":"text/javascript","packages":{},"requests":{},"id":"45cf8529-47ad-4eb3-9d3b-e8946fc47a27"}}],"id":"50d21d1b-581a-4bc2-85f2-2dd62c50e033","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"url":"http://LB-python-app-1781400546.us-east-2.elb.amazonaws.com/generate-token","description":"Genera un token JWT válido. Ejecuta este primero, automáticamente guardará el token en la variable para los demás requests.
\n","urlObject":{"protocol":"http","path":["generate-token"],"host":["LB-python-app-1781400546.us-east-2.elb.amazonaws.com"],"query":[],"variable":[]}},"response":[],"_postman_id":"50d21d1b-581a-4bc2-85f2-2dd62c50e033"},{"name":"2. Agregar email a blacklist (POST)","event":[{"listen":"test","script":{"exec":["const expectedStatuses = [200, 201];\r","const responseTimeLimit = 5000;\r","const rawBody = pm.response.text();\r","const contentType = (pm.response.headers.get('Content-Type') || '').toLowerCase();\r","\r","pm.test('Status code esperado para crear/agregar email', function () {\r"," pm.expect(expectedStatuses).to.include(pm.response.code);\r","});\r","\r","pm.test('Tiempo de respuesta menor a 5000 ms', function () {\r"," pm.expect(pm.response.responseTime).to.be.below(responseTimeLimit);\r","});\r","\r","pm.test('Existe token en variable de colección para request autenticado', function () {\r"," const token = pm.collectionVariables.get('token');\r"," pm.expect(token, 'La variable token debe existir').to.be.a('string').and.not.empty;\r","});\r","\r","pm.test('La respuesta tiene un tipo soportado', function () {\r"," pm.expect(contentType.length > 0 || rawBody.length >= 0).to.be.true;\r","});\r","\r","let jsonData = null;\r","const isJson = contentType.includes('application/json');\r","if (isJson && rawBody) {\r"," try { jsonData = pm.response.json(); } catch (e) {}\r","}\r","\r","pm.test('Si responde JSON, el body es un objeto o arreglo válido', function () {\r"," if (isJson && rawBody) {\r"," pm.expect(jsonData).to.not.equal(null);\r"," pm.expect(['object', 'array']).to.include(Array.isArray(jsonData) ? 'array' : typeof jsonData);\r"," } else {\r"," pm.expect(true).to.be.true;\r"," }\r","});\r","\r","pm.test('La respuesta indica éxito de forma tolerante', function () {\r"," if (!rawBody || !rawBody.trim()) {\r"," pm.expect([200, 201, 204]).to.include(pm.response.code);\r"," return;\r"," }\r","\r"," if (jsonData && typeof jsonData === 'object') {\r"," const flattened = JSON.stringify(jsonData).toLowerCase();\r"," const successFlag = jsonData.success;\r"," const allowedIndicators = ['blacklist', 'blocked', 'added', 'created', 'success', 'ok', 'registr'];\r"," const hasIndicator = allowedIndicators.some(word => flattened.includes(word));\r","\r"," if (typeof successFlag === 'boolean') {\r"," pm.expect(successFlag || hasIndicator).to.be.true;\r"," } else {\r"," pm.expect(hasIndicator || pm.response.code === 201 || pm.response.code === 200).to.be.true;\r"," }\r"," } else {\r"," pm.expect(rawBody.toLowerCase()).to.match(/blacklist|blocked|added|created|success|ok/);\r"," }\r","});\r","\r","pm.test('Si el body expone el email, corresponde al esperado', function () {\r"," const expectedEmail = pm.collectionVariables.get('blacklisted_email');\r"," if (jsonData && typeof jsonData === 'object') {\r"," const possibleEmail = jsonData.email || jsonData.data?.email || jsonData.result?.email;\r"," if (possibleEmail !== undefined) {\r"," pm.expect(String(possibleEmail).toLowerCase()).to.eql(expectedEmail);\r"," } else {\r"," pm.expect(true).to.be.true;\r"," }\r"," } else {\r"," pm.expect(true).to.be.true;\r"," }\r","});"],"type":"text/javascript","packages":{},"requests":{},"id":"dd6d20da-884a-488f-a8e7-6746c56e8ea8"}},{"listen":"prerequest","script":{"exec":["const unique = Date.now() + '_' + Math.floor(Math.random() * 100000);\r","const email = `blacklist_${unique}@example.com`;\r","\r","pm.collectionVariables.set('blacklisted_email', email);\r","\r","if (!pm.collectionVariables.get('blocked_reason')) {\r"," pm.collectionVariables.set('blocked_reason', 'Actividad sospechosa detectada');\r","}\r","\r","if (!pm.collectionVariables.get('ip_address')) {\r"," pm.collectionVariables.set('ip_address', '192.168.1.1');\r","}\r","\r","pm.test('Existe token para autenticación', function () {\r"," const token = pm.collectionVariables.get('token');\r"," pm.expect(token, 'token de colección').to.be.a('string').and.not.empty;\r","});"],"type":"text/javascript","packages":{},"requests":{},"id":"ffd836f9-64d0-4e90-a6a7-5d2720b8e70f"}}],"id":"8ea63031-24d5-4023-9d93-dd838762d963","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"auth":{"type":"noauth","isInherited":false},"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"},{"key":"Content-Type","value":"application/json","type":"text"}],"body":{"mode":"raw","raw":"{\n \"email\": \"\",\n \"app_uuid\": \"550e8400-e29b-41d4-a716-446655440000\",\n \"blocked_reason\": \"Actividad sospechosa detectada\"\n}"},"url":"http://LB-python-app-1781400546.us-east-2.elb.amazonaws.com/blacklists","description":"Agrega un email a la blacklist (requiere token JWT)
\n","urlObject":{"protocol":"http","path":["blacklists"],"host":["LB-python-app-1781400546.us-east-2.elb.amazonaws.com"],"query":[],"variable":[]}},"response":[],"_postman_id":"8ea63031-24d5-4023-9d93-dd838762d963"},{"name":"3. Verificar si email está en blacklist (GET)","event":[{"listen":"test","script":{"exec":["const expectedStatuses = [200];\r","const responseTimeLimit = 5000;\r","const queriedEmail = 'attacker@suspicious.com';\r","const rawBody = pm.response.text();\r","const contentType = (pm.response.headers.get('Content-Type') || '').toLowerCase();\r","\r","pm.test('Status code es 200', function () {\r"," pm.expect(pm.response.code).to.equal(200);\r","});\r","\r","pm.test('Tiempo de respuesta menor a 5000 ms', function () {\r"," pm.expect(pm.response.responseTime).to.be.below(responseTimeLimit);\r","});\r","\r","pm.test('Existe token en variable de colección para request autenticado', function () {\r"," const token = pm.collectionVariables.get('token');\r"," pm.expect(token, 'La variable token debe existir').to.be.a('string').and.not.empty;\r","});\r","\r","let jsonData = null;\r","const isJson = contentType.includes('application/json');\r","\r","pm.test('La respuesta tiene contenido útil', function () {\r"," pm.expect(rawBody.length).to.be.greaterThan(0);\r","});\r","\r","pm.test('Si responde JSON, el body es JSON válido', function () {\r"," if (isJson) {\r"," jsonData = pm.response.json();\r"," pm.expect(jsonData).to.be.an('object');\r"," } else {\r"," pm.expect(true).to.be.true;\r"," }\r","});\r","\r","pm.test('La respuesta sugiere que el email consultado está en blacklist', function () {\r"," if (jsonData && typeof jsonData === 'object') {\r"," const flattened = JSON.stringify(jsonData).toLowerCase();\r"," const blacklistFlags = [jsonData.blacklisted, jsonData.in_blacklist, jsonData.blocked, jsonData.exists];\r"," const hasTrueFlag = blacklistFlags.some(v => v === true);\r"," const hasIndicator = ['blacklist', 'blocked', 'listed', 'found', 'exists', queriedEmail.toLowerCase()].some(word => flattened.includes(word));\r"," pm.expect(hasTrueFlag || hasIndicator).to.be.true;\r"," } else {\r"," pm.expect(rawBody.toLowerCase()).to.match(/blacklist|blocked|listed|found|exists|attacker@suspicious.com/);\r"," }\r","});\r","\r","pm.test('Si el body expone el email, corresponde al consultado', function () {\r"," if (jsonData && typeof jsonData === 'object') {\r"," const possibleEmail = jsonData.email || jsonData.data?.email || jsonData.result?.email;\r"," if (possibleEmail !== undefined) {\r"," pm.expect(String(possibleEmail).toLowerCase()).to.eql(queriedEmail);\r"," } else {\r"," pm.expect(true).to.be.true;\r"," }\r"," } else {\r"," pm.expect(true).to.be.true;\r"," }\r","});"],"type":"text/javascript","packages":{},"requests":{},"id":"5cee88ae-06c7-4295-ac1d-3d2d9787cbc7"}},{"listen":"prerequest","script":{"exec":["pm.test('Existe token para autenticación', function () {\r"," const token = pm.collectionVariables.get('token');\r"," pm.expect(token, 'token de colección').to.be.a('string').and.not.empty;\r","});"],"type":"text/javascript","packages":{},"requests":{},"id":"2dbe0dc0-e9f3-4da5-bd01-78268670f5e1"}}],"id":"8948e61a-f997-49ca-8dbc-8ffdff03eb4f","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"http://LB-python-app-1781400546.us-east-2.elb.amazonaws.com/blacklists/","description":"Consulta si un email específico está en la blacklist
\n","urlObject":{"protocol":"http","path":["blacklists",""],"host":["LB-python-app-1781400546.us-east-2.elb.amazonaws.com"],"query":[],"variable":[]}},"response":[],"_postman_id":"8948e61a-f997-49ca-8dbc-8ffdff03eb4f"},{"name":"4. Verificar email válido (no en blacklist)","event":[{"listen":"test","script":{"exec":["const expectedStatuses = [200, 204, 404];\r","const responseTimeLimit = 5000;\r","const queriedEmail = 'validemail@example.com';\r","const rawBody = pm.response.text();\r","const contentType = (pm.response.headers.get('Content-Type') || '').toLowerCase();\r","\r","pm.test('Status code dentro de los esperados para email no blacklisteado', function () {\r"," pm.expect(expectedStatuses).to.include(pm.response.code);\r","});\r","\r","pm.test('Tiempo de respuesta menor a 5000 ms', function () {\r"," pm.expect(pm.response.responseTime).to.be.below(responseTimeLimit);\r","});\r","\r","pm.test('Existe token en variable de colección para request autenticado', function () {\r"," const token = pm.collectionVariables.get('token');\r"," pm.expect(token, 'La variable token debe existir').to.be.a('string').and.not.empty;\r","});\r","\r","let jsonData = null;\r","const isJson = contentType.includes('application/json');\r","if (isJson && rawBody) {\r"," try { jsonData = pm.response.json(); } catch (e) {}\r","}\r","\r","pm.test('La respuesta es coherente con un email válido no bloqueado', function () {\r"," if (pm.response.code === 204) {\r"," pm.expect(rawBody).to.satisfy(body => body === '' || body === null);\r"," return;\r"," }\r","\r"," if (!rawBody || !rawBody.trim()) {\r"," pm.expect([204, 404]).to.include(pm.response.code);\r"," return;\r"," }\r","\r"," if (jsonData && typeof jsonData === 'object') {\r"," const flattened = JSON.stringify(jsonData).toLowerCase();\r"," const negativeFlags = [jsonData.blacklisted, jsonData.in_blacklist, jsonData.blocked, jsonData.exists];\r"," const hasExplicitNegativeFlag = negativeFlags.some(v => v === false);\r"," const hasNegativeIndicator = ['not found', 'not in blacklist', 'not blacklisted', 'false', 'valid', 'no existe', 'no está'].some(word => flattened.includes(word));\r"," pm.expect(hasExplicitNegativeFlag || hasNegativeIndicator || pm.response.code === 404 || pm.response.code === 204).to.be.true;\r"," } else {\r"," pm.expect(rawBody.toLowerCase()).to.match(/not found|not in blacklist|not blacklisted|valid|no existe|no está/);\r"," }\r","});\r","\r","pm.test('Si el body expone el email, corresponde al consultado', function () {\r"," if (jsonData && typeof jsonData === 'object') {\r"," const possibleEmail = jsonData.email || jsonData.data?.email || jsonData.result?.email;\r"," if (possibleEmail !== undefined) {\r"," pm.expect(String(possibleEmail).toLowerCase()).to.eql(queriedEmail);\r"," } else {\r"," pm.expect(true).to.be.true;\r"," }\r"," } else {\r"," pm.expect(true).to.be.true;\r"," }\r","});"],"type":"text/javascript","packages":{},"requests":{},"id":"64d0553b-7680-4d72-9b35-316780e615aa"}},{"listen":"prerequest","script":{"exec":["pm.test('Existe token para autenticación', function () {\r"," const token = pm.collectionVariables.get('token');\r"," pm.expect(token, 'token de colección').to.be.a('string').and.not.empty;\r","});"],"type":"text/javascript","packages":{},"requests":{},"id":"df0aed6f-4876-435b-9f8e-b7ae2910aa29"}}],"id":"9a1f06f5-62c6-41b1-b288-c2c0df297d5c","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"http://LB-python-app-1781400546.us-east-2.elb.amazonaws.com/blacklists/","description":"Consulta un email que existe pero no está en la blacklist
\n","urlObject":{"protocol":"http","path":["blacklists",""],"host":["LB-python-app-1781400546.us-east-2.elb.amazonaws.com"],"query":[],"variable":[]}},"response":[],"_postman_id":"9a1f06f5-62c6-41b1-b288-c2c0df297d5c"},{"name":"5. Verificar email con formato inválido","event":[{"listen":"test","script":{"exec":["const expectedStatuses = [400, 404, 422];\r","const responseTimeLimit = 5000;\r","const invalidEmail = 'invalidemail';\r","const rawBody = pm.response.text();\r","const contentType = (pm.response.headers.get('Content-Type') || '').toLowerCase();\r","\r","pm.test('Status code dentro de los esperados para email inválido', function () {\r"," pm.expect(expectedStatuses).to.include(pm.response.code);\r","});\r","\r","pm.test('Tiempo de respuesta menor a 5000 ms', function () {\r"," pm.expect(pm.response.responseTime).to.be.below(responseTimeLimit);\r","});\r","\r","pm.test('Existe token en variable de colección para request autenticado', function () {\r"," const token = pm.collectionVariables.get('token');\r"," pm.expect(token, 'La variable token debe existir').to.be.a('string').and.not.empty;\r","});\r","\r","let jsonData = null;\r","const isJson = contentType.includes('application/json');\r","if (isJson && rawBody) {\r"," try { jsonData = pm.response.json(); } catch (e) {}\r","}\r","\r","pm.test('La respuesta comunica error o validación de formato inválido', function () {\r"," if (!rawBody || !rawBody.trim()) {\r"," pm.expect([400, 404, 422]).to.include(pm.response.code);\r"," return;\r"," }\r","\r"," if (jsonData && typeof jsonData === 'object') {\r"," const flattened = JSON.stringify(jsonData).toLowerCase();\r"," const indicatorWords = ['invalid', 'email', 'format', 'validation', 'bad request', 'incorrect', 'malformed', 'error'];\r"," const hasIndicator = indicatorWords.some(word => flattened.includes(word));\r"," const hasErrorShape = jsonData.error !== undefined || jsonData.message !== undefined || jsonData.detail !== undefined || jsonData.errors !== undefined;\r"," pm.expect(hasIndicator || hasErrorShape).to.be.true;\r"," } else {\r"," pm.expect(rawBody.toLowerCase()).to.match(/invalid|email|format|validation|bad request|incorrect|malformed|error/);\r"," }\r","});\r","\r","pm.test('Si el body expone el valor inválido, corresponde al consultado', function () {\r"," if (jsonData && typeof jsonData === 'object') {\r"," const possibleEmail = jsonData.email || jsonData.input || jsonData.data?.email || jsonData.result?.email;\r"," if (possibleEmail !== undefined) {\r"," pm.expect(String(possibleEmail).toLowerCase()).to.include(invalidEmail);\r"," } else {\r"," pm.expect(true).to.be.true;\r"," }\r"," } else {\r"," pm.expect(true).to.be.true;\r"," }\r","});"],"type":"text/javascript","packages":{},"requests":{},"id":"e353a10f-5e4c-4abb-abe3-c813c149823e"}},{"listen":"prerequest","script":{"exec":["pm.test('Existe token para autenticación', function () {\r"," const token = pm.collectionVariables.get('token');\r"," pm.expect(token, 'token de colección').to.be.a('string').and.not.empty;\r","});"],"type":"text/javascript","packages":{},"requests":{},"id":"2006f94e-749b-4f0d-85f1-0fec18bbce38"}}],"id":"0c1bbfa2-5dfe-445c-9bd1-d529d567e446","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"http://LB-python-app-1781400546.us-east-2.elb.amazonaws.com/blacklists/invalidemail","description":"Consulta un email con formato inválido (sin @)
\n","urlObject":{"protocol":"http","path":["blacklists","invalidemail"],"host":["LB-python-app-1781400546.us-east-2.elb.amazonaws.com"],"query":[],"variable":[]}},"response":[],"_postman_id":"0c1bbfa2-5dfe-445c-9bd1-d529d567e446"},{"name":"6. Agregar email a blacklist (sin app_uuid)","event":[{"listen":"prerequest","script":{"exec":["const unique = Date.now() + '_' + Math.floor(Math.random() * 100000);\r","const email = `blacklist_${unique}@example.com`;\r","\r","pm.collectionVariables.set('blacklisted_email', email);\r","\r","if (!pm.collectionVariables.get('blocked_reason')) {\r"," pm.collectionVariables.set('blocked_reason', 'Actividad sospechosa detectada');\r","}\r","\r","if (!pm.collectionVariables.get('ip_address')) {\r"," pm.collectionVariables.set('ip_address', '192.168.1.1');\r","}\r","\r","pm.test('Existe token para autenticación', function () {\r"," const token = pm.collectionVariables.get('token');\r"," pm.expect(token, 'token de colección').to.be.a('string').and.not.empty;\r","});"],"type":"text/javascript","packages":{},"requests":{},"id":"df579a76-a3f5-4d1b-a501-726f015a2a0d"}},{"listen":"test","script":{"exec":["const expectedStatuses = [400];\r","const responseTimeLimit = 5000;\r","const rawBody = pm.response.text();\r","const contentType = (pm.response.headers.get('Content-Type') || '').toLowerCase();\r","\r","pm.test('Status code 401 esperado para crear/agregar email', function () {\r"," pm.expect(expectedStatuses).to.include(pm.response.code);\r","});\r","\r","pm.test('Tiempo de respuesta menor a 5000 ms', function () {\r"," pm.expect(pm.response.responseTime).to.be.below(responseTimeLimit);\r","});\r","\r","pm.test('Mensaje de respuesta', function(){\r"," pm.expect(rawBody).to.include('app_uuid es obligatorio');\r","})"],"type":"text/javascript","packages":{},"requests":{},"id":"0ed8643a-4d04-4810-b9e6-e1523d086f9f"}}],"id":"7723aec4-d1cc-44ab-bcad-a5d69faa28bd","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\r\n \"email\": \"\",\r\n \"blocked_reason\": \"Actividad sospechosa detectada\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://LB-python-app-1781400546.us-east-2.elb.amazonaws.com/blacklists","urlObject":{"protocol":"http","path":["blacklists"],"host":["LB-python-app-1781400546.us-east-2.elb.amazonaws.com"],"query":[],"variable":[]}},"response":[],"_postman_id":"7723aec4-d1cc-44ab-bcad-a5d69faa28bd"}],"event":[{"listen":"prerequest","script":{"type":"text/javascript","packages":{},"requests":{},"exec":[""],"id":"402e0d32-32b1-4e56-8d0b-50ad956bbcd1"}},{"listen":"test","script":{"type":"text/javascript","packages":{},"requests":{},"exec":[""],"id":"0662f6df-e351-4319-acf8-d9e7f46b5e4d"}}],"variable":[{"key":"base_url","value":"LB-python-app-1781400546.us-east-2.elb.amazonaws.com"},{"key":"token","value":""},{"key":"blacklisted_email","value":""},{"key":"valid_email","value":""},{"key":"invalid_email","value":""},{"key":"app_uuid","value":""},{"key":"blocked_reason","value":""},{"key":"ip_address","value":""}]}