public void GetUsersByFullNameTest_WrongUserNameReturnError()
{
string message = string.Empty;
PHSUser user1 = new PHSUser();
user1.Username = "******";
user1.FullName = "testFullname1";
user1.Password = "******";
user1.Role = Constants.User_Role_Volunteer_Code;
user1.IsActive = false;
var success = _target.AddUser(_loginuser, user1, out message);
Assert.IsTrue(success);
Assert.AreEqual(string.Empty, message);
PHSUser user2 = new PHSUser();
user2.Username = "******";
user2.FullName = "testFullname2";
user2.Password = "******";
user2.Role = Constants.User_Role_Volunteer_Code;
user2.IsActive = true;
success = _target.AddUser(_loginuser, user2, out message);
Assert.IsTrue(success);
Assert.AreEqual(string.Empty, message);
var getUser = _target.GetUsersByFullName("testUsername2", out message);
Assert.IsNull(getUser);
Assert.AreEqual("User not found.", message);
}
public void GetUserByIDTest_Success()
{
string message = string.Empty;
PHSUser user1 = new PHSUser();
user1.Username = "******";
user1.FullName = "testFullname1";
user1.Password = "******";
user1.Role = Constants.User_Role_Volunteer_Code;
user1.IsActive = false;
var success = _target.AddUser(_loginuser, user1, out message);
Assert.IsTrue(success);
Assert.AreEqual(string.Empty, message);
PHSUser user2 = new PHSUser();
user2.Username = "******";
user2.FullName = "testFullname2";
user2.Password = "******";
user2.Role = Constants.User_Role_Volunteer_Code;
user2.IsActive = true;
success = _target.AddUser(_loginuser, user2, out message);
Assert.IsTrue(success);
Assert.AreEqual(string.Empty, message);
PHSUser getUser = _target.GetUserByID(user2.PHSUserID, out message);
Assert.IsNotNull(getUser);
Assert.AreEqual(user2, getUser);
Assert.AreEqual(string.Empty, message);
}
public void UpdateUserTest_NullOrEmptyRoleReturnError()
{
string message = string.Empty;
PHSUser user = new PHSUser();
user.Username = "******";
user.Password = "******";
user.FullName = "testFullname";
user.Role = Constants.User_Role_Volunteer_Code;
var success = _target.AddUser(_loginuser, user, out message);
Assert.IsTrue(success);
Assert.AreEqual(string.Empty, message);
user.Role = null;
success = _target.UpdateUser(_loginuser, user, out message);
Assert.IsFalse(success);
Assert.AreEqual("Please fill in all required fields", message);
user.Role = string.Empty;
success = _target.UpdateUser(_loginuser, user, out message);
Assert.IsFalse(success);
Assert.AreEqual("Please fill in all required fields", message);
user.Role = " ";
success = _target.UpdateUser(_loginuser, user, out message);
Assert.IsFalse(success);
Assert.AreEqual("Please fill in all required fields", message);
}
public bool ChangePassword(PHSUser user, string oldPass, string newPass, string newPassConfirm, out string message)
{
if (user == null || user.PHSUserID == 0 || string.IsNullOrEmpty(user.Username))
{
message = "Cannot find user";
return(false);
}
if (string.IsNullOrEmpty(oldPass))
{
message = "Please Enter Old Password";
return(false);
}
if (string.IsNullOrEmpty(newPass) || string.IsNullOrEmpty(newPass.Trim()))
{
message = "Please Enter New Password";
return(false);
}
if (string.IsNullOrEmpty(newPassConfirm) || string.IsNullOrEmpty(newPassConfirm.Trim()))
{
message = "Please Enter Confirmed New Password";
return(false);
}
if (!newPass.Trim().Equals(newPassConfirm, StringComparison.CurrentCultureIgnoreCase))
{
message = "Please confirm new password";
return(false);
}
if (!PasswordManager.IsPasswordComplex(newPass))
{
message = "Password must be a combination of at least 1 digit, 1 upper case letter, 1 lower case letter, 1 symbol and length of at least 8";
return(false);
}
var existingUser = IsAuthenticated(user.Username, oldPass, out message);
if (existingUser == null)
{
message = "Invalid Password";
return(false);
}
SecureString newPassHash = PasswordManager.CreateHash(newPass, user.PasswordSalt);
using (var unitOfWork = CreateUnitOfWork())
{
try
{
unitOfWork.Users.Get(user.PHSUserID).Password = PasswordManager.SecureStringToString(newPassHash);
unitOfWork.Users.Get(user.PHSUserID).UsingTempPW = false;
unitOfWork.Users.Get(user.PHSUserID).UpdatedDateTime = DateTime.Now;
unitOfWork.Complete();
return(true);
}
catch (Exception ex)
{
ExceptionLog(ex);
message = "Operation failed during saving Password. Please contact system admin";
return(false);
}
}
}
public void AddUserTest_Success()
{
string message = string.Empty;
PHSUser user = new PHSUser();
user.Username = "******";
user.FullName = "testFullName";
user.Password = "******";
user.Role = Constants.User_Role_Volunteer_Code;
var success = _target.AddUser(_loginuser, user, out message);
Assert.IsTrue(success);
Assert.AreEqual(string.Empty, message);
var expectedResult = _target.GetUserByUserName(user.Username, out message);
Assert.IsNotNull(expectedResult);
Assert.AreEqual("testUsername", expectedResult.Username);
Assert.AreEqual("testFullName", expectedResult.FullName);
Assert.IsNotNull(expectedResult.Password);
Assert.IsNotNull(expectedResult.PasswordSalt);
Assert.AreEqual(Constants.User_Role_Volunteer_Code, expectedResult.Role);
Assert.IsNotNull(expectedResult.CreatedDateTime);
Assert.AreEqual(_loginuser.Username, expectedResult.CreatedBy);
Assert.IsTrue(expectedResult.UsingTempPW);
}
public void IsAuthenticatedTest_Success()
{
string username = "******";
string stuff = "abcde12345";
PHSUser user = new PHSUser()
{
Username = username,
FullName = "tester 123",
Password = stuff,
IsActive = true,
EffectiveStartDate = DateTime.Now,
EffectiveEndDate = DateTime.Now.AddDays(1),
Role = Constants.User_Role_Volunteer_Code
};
string message = string.Empty;
bool saveResult = _target.AddUser(_loginuser, user, out message);
Assert.IsTrue(saveResult);
Assert.AreEqual(string.Empty, message);
PHSUser expectedResult = _target.IsAuthenticated(username, stuff, out message);
Assert.IsNotNull(expectedResult);
Assert.AreEqual("tester 123", expectedResult.FullName);
}
public void LogUserIn(PHSUser user)
{
try
{
claims.Add(new Claim(ClaimTypes.PrimarySid, user.PHSUserID.ToString()));
claims.Add(new Claim(ClaimTypes.Name, user.FullName));
claims.Add(new Claim(ClaimTypes.NameIdentifier, user.Username));
claims.Add(new Claim(ClaimTypes.Role, user.Role));
identity = new ClaimsIdentity(claims, DefaultAuthenticationTypes.ApplicationCookie);
HttpContext.GetOwinContext().Authentication.SignIn(new AuthenticationProperties()
{
//ExpiresUtc = DateTime.UtcNow.(200),
IsPersistent = true
}, identity);
}
catch (Exception ex)
{
ExceptionLog(ex);
//throw;
}
if (Session != null)
{
Session[UserSessionParam] = user;
}
if (!TempData.Keys.Contains(UserSessionParam))
{
TempData.Add(UserSessionParam, user);
InfoLog("User: "******" logged in");
}
TempData.Keep(UserSessionParam);
}
/*
* Will check username
* If username exists, will return null and username already exists message
*/
public bool AddUser(PHSUser loginUser, PHSUser user, out string message)
{
message = string.Empty;
if (user == null)
{
message = Constants.PleaseFillInAllRequiredFields();
return(false);
}
if (string.IsNullOrEmpty(user.Username) || string.IsNullOrEmpty(user.Username.Trim()))
{
message = Constants.PleaseFillInAllRequiredFields();
return(false);
}
if (UserNameExists(user.Username, user.PHSUserID, out message))
{
message = "Username already exists";
return(false);
}
if (string.IsNullOrEmpty(user.FullName) || string.IsNullOrEmpty(user.FullName.Trim()))
{
message = Constants.PleaseFillInAllRequiredFields();
return(false);
}
if (string.IsNullOrEmpty(user.Role) || string.IsNullOrEmpty(user.Role.Trim()))
{
message = Constants.PleaseFillInAllRequiredFields();
return(false);
}
var hashedUser = GenerateHashedUser(user, out message);
if (hashedUser == null)
{
return(false);
}
user = hashedUser;
try
{
using (var unitOfWork = CreateUnitOfWork())
{
using (TransactionScope scope = new TransactionScope())
{
user.CreatedDateTime = DateTime.Now;
user.CreatedBy = loginUser.Username;
user.UsingTempPW = true;
unitOfWork.Users.Add(user);
unitOfWork.Complete();
scope.Complete();
}
message = string.Empty;
return(true);
}
}
catch (Exception ex)
{
ExceptionLog(ex);
message = Constants.OperationFailedDuringAddingValue("User");
return(false);
}
}
public PHSUser GenerateHashedUser(PHSUser user, out string message)
{
if (user == null)
{
message = Constants.ValueIsEmpty("User");
return(null);
}
if (string.IsNullOrEmpty(user.Username))
{
message = Constants.ValueIsEmpty("User Id");
return(null);
}
if (string.IsNullOrEmpty(user.Password))
{
message = Constants.ValueIsEmpty("Password");
return(null);
}
try
{
user.PasswordSalt = PasswordManager.GenerateSalt();
user.Password = PasswordManager.SecureStringToString(PasswordManager.CreateHash(user.Password, user.PasswordSalt));
message = string.Empty;
return(user);
}
catch (Exception ex)
{
ExceptionLog(ex);
message = Constants.OperationFailedDuringAddingValue("User");
return(null);
}
}
public ActionResult CreateUser([Bind(Include = "Username,FullName,ContactNumber,MCRNo,Role,IsActive,EffectiveStartDate,EffectiveEndDate")] PHSUser user)
{
if (!IsUserAuthenticated())
{
return(RedirectToLogin());
}
SetBackURL("Index");
string message = string.Empty;
using (var userManager = new UserManager(GetLoginUser()))
{
string tempPassword = PasswordManager.Generate();
user.Password = tempPassword;
var newUserCreated = userManager.AddUser(GetLoginUser(), user, out message);
if (!newUserCreated)
{
SetViewBagError(message);
SetBackURL("Index");
return(View());
}
SetTempDataMessage(user.Username + " has been created successfully with password " + tempPassword);
SetBackURL("Index");
return(RedirectToAction("Index"));
}
}
public void UpdateUserTest_ExistingUsernameReturnError()
{
string message = string.Empty;
PHSUser user = new PHSUser();
user.Username = "******";
user.FullName = "testFullName";
user.Password = "******";
user.Role = Constants.User_Role_Volunteer_Code;
var success = _target.AddUser(_loginuser, user, out message);
Assert.IsTrue(success);
Assert.AreEqual(string.Empty, message);
PHSUser user1 = new PHSUser();
user1.Username = "******";
user1.FullName = "testFullName1";
user1.Password = "******";
user1.Role = Constants.User_Role_Volunteer_Code;
success = _target.AddUser(_loginuser, user1, out message);
Assert.IsTrue(success);
Assert.AreEqual(string.Empty, message);
user1.Username = "******";
success = _target.UpdateUser(_loginuser, user1, out message);
Assert.IsFalse(success);
Assert.AreEqual("Username already exists", message);
}
public void UpdateUserTest_NullUserReturnError()
{
string message = string.Empty;
PHSUser user = null;
var success = _target.UpdateUser(_loginuser, user, out message);
Assert.IsFalse(success);
Assert.AreEqual("Please fill in all required fields", message);
}
public void CleanupTest()
{
// dispose of the database and connection
_context.Dispose();
_unitOfWork.Dispose();
_target.Dispose();
_unitOfWork = null;
_context = null;
_target = null;
_loginuser = null;
}
public bool UpdateUser(PHSUser loginUser, PHSUser user, out string message)
{
message = string.Empty;
if (user == null)
{
message = Constants.PleaseFillInAllRequiredFields();
return(false);
}
if (string.IsNullOrEmpty(user.Username) || string.IsNullOrEmpty(user.Username.Trim()))
{
message = Constants.PleaseFillInAllRequiredFields();
return(false);
}
if (UserNameExists(user.Username, user.PHSUserID, out message))
{
message = "Username already exists";
return(false);
}
if (string.IsNullOrEmpty(user.FullName) || string.IsNullOrEmpty(user.FullName.Trim()))
{
message = Constants.PleaseFillInAllRequiredFields();
return(false);
}
if (string.IsNullOrEmpty(user.Role) || string.IsNullOrEmpty(user.Role.Trim()))
{
message = Constants.PleaseFillInAllRequiredFields();
return(false);
}
try
{
using (var unitOfWork = CreateUnitOfWork())
{
var userToUpdate = unitOfWork.Users.Get(user.PHSUserID);
Util.CopyNonNullProperty(user, userToUpdate);
userToUpdate.UpdatedDateTime = DateTime.Now;
userToUpdate.UpdatedBy = loginUser.Username;
using (TransactionScope scope = new TransactionScope())
{
unitOfWork.Complete();
scope.Complete();
}
}
message = string.Empty;
return(true);
}
catch (Exception ex)
{
ExceptionLog(ex);
message = Constants.OperationFailedDuringUpdatingValue("User");
return(false);
}
}
public IList <FollowUpGroup> GetParticipantsByLoginUser(int eventid, PHSUser loginuser, out string message)
{
message = string.Empty;
using (var unitOfWork = CreateUnitOfWork())
{
var result = new List <FollowUpGroup>();
var followupconfig = unitOfWork.FollowUpConfigurations.GetDeployedFollowUpConfiguration(eventid);
if (followupconfig == null)
{
message = "No follow-up configuration is deployed!!";
return(result);
}
if (loginuser.Role == Constants.User_Role_FollowUpCommitteeMember_Code)
{
return(followupconfig.FollowUpGroups.ToList());
}
else if (loginuser.Role == Constants.User_Role_FollowUpVolunteer_Code ||
loginuser.Role == Constants.User_Role_CommitteeMember_Code)
{
var followupgroups = followupconfig.FollowUpGroups;
if (followupgroups.Count > 0)
{
foreach (var item in followupgroups)
{
var resultfollowupgroup = new FollowUpGroup();
var resultparticipantcallmaplist = new List <ParticipantCallerMapping>();
foreach (var map in item.ParticipantCallerMappings)
{
if (map.PhaseIFollowUpVolunteer == loginuser.FullName ||
map.PhaseIIFollowUpVolunteer == loginuser.FullName ||
map.PhaseICommitteeMember == loginuser.FullName ||
map.PhaseIICommitteeMember == loginuser.FullName)
{
resultparticipantcallmaplist.Add(map);
}
}
resultfollowupgroup.ParticipantCallerMappings = resultparticipantcallmaplist;
result.Add(resultfollowupgroup);
}
}
else
{
message = "No follow-up group present!!";
}
}
return(result);
}
}
public void SetupTest()
{
var connection = DbConnectionFactory.CreateTransient();
_context = new PHSContext(connection);
_unitOfWork = new MockUnitOfWork(_context);
_target = new MockUserManager(_unitOfWork);
_loginuser = new PHSUser();
_loginuser.Username = "******";
_loginuser.FullName = "loginFullName";
_loginuser.Password = "******";
_loginuser.Role = Constants.User_Role_CommitteeMember_Code;
}
public bool GetCurrentActiveStatus(PHSUser user)
{
if (user == null)
{
return(false);
}
if (user.IsActive)
{
if (DateTime.Now >= user.EffectiveStartDate && DateTime.Now <= user.EffectiveEndDate)
{
return(true);
}
}
return(false);
}
public void AddUserTest_EffectiveStartDateLessThanEndDateReturnError()
{
string message = string.Empty;
PHSUser user = new PHSUser();
user.Username = "******";
user.FullName = "testFullname";
user.Password = "******";
user.Role = Constants.User_Role_Volunteer_Code;
user.EffectiveStartDate = Convert.ToDateTime("08/01/2017");
user.EffectiveEndDate = Convert.ToDateTime("07/01/2017");
var success = _target.AddUser(_loginuser, user, out message);
Assert.IsFalse(success);
}
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
user = httpContext.Session[BaseController.UserSessionParam] as PHSUser;
if (user == null)
{
return(false);
}
else
{
if (!allowedroles.Contains(user.Role))
{
return(false);
}
return(true);
}
}
public ActionResult EditProfile(PHSUser user)
{
if (!IsUserAuthenticated())
{
return(RedirectToLogin());
}
string message = string.Empty;
using (var userManager = new UserManager(GetLoginUser()))
{
if (userManager.UpdateUser(GetLoginUser(), user, out message))
{
return(RedirectToHome());
}
SetViewBagError(message);
return(View(user));
}
}
public void AddUserTest_NullOrEmptyRoleReturnError()
{
string message = string.Empty;
PHSUser user = new PHSUser();
user.Username = "******";
user.Password = "******";
user.FullName = "testFullname";
var success = _target.AddUser(_loginuser, user, out message);
Assert.IsFalse(success);
Assert.AreEqual("Please fill in all required fields", message);
user.Role = string.Empty;
success = _target.AddUser(_loginuser, user, out message);
Assert.IsFalse(success);
Assert.AreEqual("Please fill in all required fields", message);
}
public void GetCurrentActiveStatusTest_FalseFlagReturnFalse()
{
string message = string.Empty;
PHSUser user = new PHSUser();
user.Username = "******";
user.FullName = "testFullName";
user.Password = "******";
user.Role = Constants.User_Role_Volunteer_Code;
user.IsActive = false;
var success = _target.AddUser(_loginuser, user, out message);
Assert.IsTrue(success);
Assert.AreEqual(string.Empty, message);
success = _target.GetCurrentActiveStatus(user);
Assert.IsFalse(success);
}
public void UserNameExistsTest_ReturnFalse()
{
string message = string.Empty;
PHSUser user = new PHSUser();
user.Username = "******";
user.FullName = "testFullName";
user.Password = "******";
user.Role = Constants.User_Role_Volunteer_Code;
var success = _target.AddUser(_loginuser, user, out message);
Assert.IsTrue(success);
Assert.AreEqual(string.Empty, message);
success = _target.UserNameExists("testUsername1", 0, out message);
Assert.IsFalse(success);
Assert.AreEqual(string.Empty, message);
}
public ActionResult Login([Bind(Include = "Username,Password")] PHSUser user)
{
ActionResult result = View();
using (var userManager = new UserManager(GetLoginUser()))
{
string message = string.Empty;
var authenticatedUser = userManager.IsAuthenticated(user.Username, user.Password, out message);
if (authenticatedUser != null)
{
if (authenticatedUser.UsingTempPW)
{
authenticatedUser.Role = String.Empty;
LogUserIn(authenticatedUser);
return(RedirectToAction("ChangePassword"));
}
LogUserIn(authenticatedUser);
switch (GetLoginUserRole())
{
case Constants.User_Role_CommitteeMember_Code:
result = Redirect("~/Admin/User");
break;
case Constants.User_Role_Doctor_Code:
result = Redirect("~/ParticipantJourney/Index");
break;
case Constants.User_Role_Volunteer_Code:
result = Redirect("~/ParticipantJourney/Index");
break;
case Constants.User_Role_FollowUpVolunteer_Code:
case Constants.User_Role_FollowUpCommitteeMember_Code:
result = Redirect("~/FollowUp/Index");
break;
}
}
SetViewBagError(message);
return(result);
}
}
public ActionResult GenerateDoctorMemo(string text)
{
if (text == null)
{
text = "";
}
String guid = Guid.NewGuid().ToString();
string templatePath = Server.MapPath("~/App_Data/Doctor's Memo Template.docx");
// Load template into memory
var doc = DocX.Load(templatePath);
doc.ReplaceText("<<Replaced>>", text);
PHSUser loginUser = GetLoginUser();
doc.ReplaceText("<<NAME>>", loginUser.FullName);
if (loginUser.MCRNo != null)
{
doc.ReplaceText("<<MCRNo>>", loginUser.MCRNo);
}
else
{
doc.ReplaceText("<<MCRNo>>", "");
}
var ms = new MemoryStream();
doc.SaveAs(ms);
ms.Position = 0;
byte[] fileBytes = ms.ToArray();
TempData[guid] = fileBytes;
return(new JsonResult()
{
Data = new { FileGuid = guid, FileName = "Doctor's Memo.docx" }
});
}
public void GetCurrentActiveStatusTest_TrueFlagDateNotInRangeReturnTrue()
{
string message = string.Empty;
PHSUser user = new PHSUser();
user.Username = "******";
user.FullName = "testFullName";
user.Password = "******";
user.Role = Constants.User_Role_Volunteer_Code;
user.IsActive = true;
user.EffectiveStartDate = Convert.ToDateTime("07/01/2017");
user.EffectiveEndDate = Convert.ToDateTime("08/01/2017");
var success = _target.AddUser(_loginuser, user, out message);
Assert.IsTrue(success);
Assert.AreEqual(string.Empty, message);
success = _target.GetCurrentActiveStatus(user);
Assert.IsFalse(success);
}
public void ResetPasswordTest_Success()
{
string username = "******";
string stuff = "abcde12345";
PHSUser user = new PHSUser()
{
Username = username,
FullName = "tester 123",
Password = stuff,
IsActive = true,
EffectiveStartDate = DateTime.Now,
EffectiveEndDate = DateTime.Now.AddDays(1),
Role = Constants.User_Role_Volunteer_Code
};
string message = string.Empty;
bool saveResult = _target.AddUser(_loginuser, user, out message);
Assert.IsTrue(saveResult);
Assert.AreEqual(string.Empty, message);
PHSUser loginUser = _target.IsAuthenticated(username, stuff, out message);
Assert.IsNotNull(loginUser);
string newPassword = PasswordManager.Generate();
string[] selectedUsers = new string[1];
selectedUsers[0] = username;
bool resetResult = _target.ResetPassword(_loginuser, selectedUsers, newPassword, out message);
Assert.IsTrue(resetResult);
Assert.AreEqual(string.Empty, message);
loginUser = _target.IsAuthenticated(username, newPassword, out message);
Assert.IsNotNull(loginUser);
}
public ActionResult EditUser([Bind(Include = "Username,FullName,ContactNumber,MCRNo,Role,IsActive,EffectiveStartDate,EffectiveEndDate,PHSUserID,CreatedDateTime")] PHSUser user)
{
if (!IsUserAuthenticated())
{
return(RedirectToLogin());
}
string message = string.Empty;
using (var userManager = new UserManager(GetLoginUser()))
{
if (userManager.UpdateUser(GetLoginUser(), user, out message))
{
SetTempDataMessage(Constants.ValueSuccessfuly("User has been updated"));
return(RedirectToAction("Index"));
}
//message = "Update failed!";
SetViewBagError(message);
SetBackURL("Index");
return(View(user));
}
}
public void ChangePasswordTest_Success()
{
string username = "******";
string stuff = "abcde12345";
PHSUser user = new PHSUser()
{
Username = username,
FullName = "tester 123",
Password = stuff,
IsActive = true,
EffectiveStartDate = DateTime.Now,
EffectiveEndDate = DateTime.Now.AddDays(1),
Role = Constants.User_Role_Volunteer_Code
};
string message = string.Empty;
bool saveResult = _target.AddUser(_loginuser, user, out message);
Assert.IsTrue(saveResult);
Assert.AreEqual(string.Empty, message);
PHSUser loginUser = _target.IsAuthenticated(username, stuff, out message);
Assert.IsNotNull(loginUser);
Assert.IsTrue(loginUser.UsingTempPW);
string newStuff = "Aabbccdd@1122";
bool changeResult = _target.ChangePassword(loginUser, stuff, newStuff, newStuff, out message);
Assert.IsTrue(changeResult);
Assert.AreEqual(string.Empty, message);
loginUser = _target.IsAuthenticated(username, newStuff, out message);
Assert.IsNotNull(loginUser);
Assert.IsFalse(loginUser.UsingTempPW);
}
public ActionResult UserDetails(int userID = 0)
{
if (!IsUserAuthenticated())
{
return(RedirectToLogin());
}
string message = string.Empty;
using (var userManager = new UserManager(GetLoginUser()))
{
PHSUser user = userManager.GetUserByID(userID, out message);
if (user == null)
{
SetViewBagError(message);
}
else
{
user.Password = string.Empty;
}
return(View(user));
}
}
