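/// <summary>
/// Sets a new password for the account whose user name equals <c>request.Email</c>.
/// </summary>
/// <param name="request">Carries the target account's e-mail and the replacement password.</param>
/// <returns>
/// An <c>UpdateUserRegistrationPasswordResponse</c>. Its ResponseStatus carries ErrorCode "400" when a
/// required field is missing and "404" when no account matches. On success it carries
/// DisplayName, UserId and a ResponseStatus whose Message is "200".
/// </returns>
/// <remarks>
/// NOTE(review): no authorization check appears in this body, and the old password is never asked for.
/// The method resets any account's password from an e-mail address alone, so confirm that role
/// enforcement (an attribute or filter on the service) is applied outside this method.
/// </remarks>
public object Post(UpdateUserRegistrationPasswordRequest request)
        {
            // Reject incomplete requests up front: without this guard a null or empty NewPassword
            // is handed straight to UpdateUserAuth and the call still reports success.
            if (request == null
                || string.IsNullOrWhiteSpace(request.Email)
                || string.IsNullOrEmpty(request.NewPassword))
            {
                return new UpdateUserRegistrationPasswordResponse
                {
                    ResponseStatus = new ResponseStatus
                    {
                        Message = "Email and NewPassword are required", ErrorCode = "400"
                    }
                };
            }

            var userAuthRepo = AuthRepo.AsUserAuthRepository(GetResolver());
            var existingUser = userAuthRepo.GetUserAuthByUserName(request.Email);

            if (existingUser == null)
            {
                // NOTE(review): this reply reveals whether an account exists for the supplied e-mail.
                // That is acceptable only while the endpoint stays restricted to trusted roles.
                return new UpdateUserRegistrationPasswordResponse
                {
                    ResponseStatus = new ResponseStatus
                    {
                        Message = request.Email + " Not Found", ErrorCode = "404"
                    }
                };
            }

            // The same record is passed as both the existing and the new user: only the password changes.
            var updatedUser = userAuthRepo.UpdateUserAuth(existingUser, existingUser, request.NewPassword);

            return new UpdateUserRegistrationPasswordResponse
            {
                DisplayName = updatedUser.DisplayName,
                UserId = updatedUser.Id.ToString(CultureInfo.InvariantCulture),
                ResponseStatus = new ResponseStatus
                {
                    Message = "200"
                }
            };
        }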
Beispiel #2
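        /// <summary>
        /// Registers a user with auto-login, signs in as the non-admin <c>TestUser</c>, and checks that
        /// a password-update request is rejected with "Invalid Role".
        /// </summary>
        public void non_admins_can_not_update_other_passwords()
        {
            // ReSharper disable RedundantTypeArgumentsOfMethod
            var createRequest = new UserRegistrationRequest
            {
                Email     = "*****@*****.**",
                Password  = "******",
                AutoLogin = true
            };

            // AutoLogin leaves the client authenticated from this call onwards.
            var createResponse = RestClient.Post <UserRegistrationResponse>(createRequest);

            try
            {
                Assert.IsNotNull(createResponse);
                Assert.IsTrue(createResponse.UserId.Length > 0);

                // An empty Authenticate request reports the session created by AutoLogin.
                var checkLoginStatus = RestClient.Post <AuthenticateResponse>(new Authenticate());

                Assert.IsNotNull(checkLoginStatus);
                Assert.AreEqual(createRequest.Email, checkLoginStatus.UserName);

                //login as a non-admin
                checkLoginStatus = RestClient.Post <AuthenticateResponse>(new Authenticate {
                    provider = "credentials", UserName = TestUser.Email, Password = TestUser.Password
                });
                Assert.IsNotNull(checkLoginStatus);
                Assert.AreEqual(TestUser.Email, checkLoginStatus.UserName);

                // try and fail update the password
                var updateRequest = new UpdateUserRegistrationPasswordRequest {
                    Email = "*****@*****.**", NewPassword = "******"
                };
                var error = Assert.Throws <WebServiceException>(() => RestClient.Post <UpdateUserRegistrationPasswordResponse>(updateRequest));

                Assert.AreEqual("Invalid Role", error.Message);

                // NOTE(review): this checks only the error text. It does not confirm that the stored
                // password is unchanged; re-authenticating the target account with its original
                // password afterwards would prove the rejection had no side effect.
            }
            finally
            {
                //logout
                // Always end the session, so a failed assertion cannot leave later tests authenticated.
                Logout();
            }
            // ReSharper restore RedundantTypeArgumentsOfMethod
        }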
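        /// <summary>
        /// Checks that a session authenticated as the non-admin <c>TestUser</c> cannot call the
        /// password-update endpoint: the request must fail with "Invalid Role".
        /// </summary>
        public void non_admins_can_not_update_other_passwords()
        {
            // ReSharper disable RedundantTypeArgumentsOfMethod
            var createRequest = new UserRegistrationRequest
            {
                Email = "*****@*****.**",
                Password = "******",
                AutoLogin = true
            };

            // Registration with AutoLogin authenticates the client, so cleanup is needed from here on.
            var createResponse = RestClient.Post<UserRegistrationResponse>(createRequest);
            try
            {
                Assert.IsNotNull(createResponse);
                Assert.IsTrue(createResponse.UserId.Length > 0);

                // The session opened by AutoLogin should belong to the newly registered user.
                var checkLoginStatus = RestClient.Post<AuthenticateResponse>(new Authenticate());
                Assert.IsNotNull(checkLoginStatus);
                Assert.AreEqual(createRequest.Email, checkLoginStatus.UserName);

                //login as a non-admin
                checkLoginStatus = RestClient.Post<AuthenticateResponse>(new Authenticate { provider = "credentials", UserName = TestUser.Email, Password = TestUser.Password });
                Assert.IsNotNull(checkLoginStatus);
                Assert.AreEqual(TestUser.Email, checkLoginStatus.UserName);

                // try and fail update the password
                var updateRequest = new UpdateUserRegistrationPasswordRequest { Email = "*****@*****.**", NewPassword = "******" };
                var error = Assert.Throws<WebServiceException>(() => RestClient.Post<UpdateUserRegistrationPasswordResponse>(updateRequest));
                Assert.AreEqual("Invalid Role", error.Message);

                // NOTE(review): only the rejection message is asserted. The test would be stronger if it
                // also verified that the target account's original password still authenticates.
            }
            finally
            {
                //logout
                // Runs even when an assertion fails, so the session never leaks into other tests.
                Logout();
            }
            // ReSharper restore RedundantTypeArgumentsOfMethod
        }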