public void changePassword_post_currentUser_should_not_allow_change_pass_if_oldPassword_is_not_valid()
{
UsersManagement.CheckUserPassword(Arg.Any<string>(), Arg.Any<string>()).Returns(false);
string oldPassword = "******";
var viewModel = new UserChangePasswordViewModel() { LoginName = CurrentUserLogin, OldPassword = oldPassword, NewPassword = "******", ConfirmPassword = "******" };
InitTestUsers(RoleType.Appraiser);
var result = Target.ChangePassword(viewModel, ButtonTypes.Save);
UsersManagement.Received().CheckUserPassword(CurrentUserLogin, oldPassword);
UsersManagement.DidNotReceiveWithAnyArgs().ChangePassword(Arg.Any<string>(), Arg.Any<int>(), Arg.Any<string>());
Target.CommitProviderInstance.DidNotReceiveWithAnyArgs().Commit();
}
public ActionResult ChangePassword(UserChangePasswordViewModel model, ButtonTypes pressedButtonType)
{
if (pressedButtonType == ButtonTypes.Save)
{
if (string.IsNullOrEmpty(model.LoginName))
{
ModelState.AddModelError("incorrectUserPassword", "You have no permissions to change password.");
return PartialView(Constants.Views.UserChangePassword, model.ClearPasswords());
}
if (!ModelState.IsValidField("NewPassword") ||
!ModelState.IsValidField("ConfirmPassword") ||
!model.NewPassword.Equals(model.ConfirmPassword))
return PartialView(Constants.Views.UserChangePassword, model.ClearPasswords());
if (!_appraiserAccessManager.CanChangePasswordForUser(model.LoginName))
{
ModelState.AddModelError("incorrectUserPassword", "You have no permissions to change password.");
return PartialView(Constants.Views.UserChangePassword, model.ClearPasswords());
}
if (model.LoginName.Equals(User.Identity.Name, StringComparison.OrdinalIgnoreCase))
{
if (!_userManagement.CheckUserPassword(model.LoginName, model.OldPassword))
ModelState.AddModelError("OldPassword", "Incorrect old password");
}
else
ModelState["OldPassword"].Errors.Clear();
if (!ModelState.IsValid)
return PartialView(Constants.Views.UserChangePassword, model.ClearPasswords());
var user = _userManagement.GetByEmail(model.LoginName);
_userManagement.ChangePassword(model.LoginName, user.Id, model.NewPassword);
_userManagement.ClearFailedAttempt(model.LoginName);
if (model.LoginName.ToLower() != User.Identity.Name.ToLower())
{
_taskManager.ScheduleChangePasswordNotification(model.LoginName, model.NewPassword);
}
CommitProviderInstance.Commit();
return Constants.Json.Default;
}
return Constants.Json.Default;
}
public void changePassword_post_should_not_allow_change_pass_if_newpass_is_not_confirmed()
{
UsersManagement.CheckUserPassword(Arg.Any<string>(), Arg.Any<string>()).Returns(true);
var viewModel = new UserChangePasswordViewModel()
{
LoginName = CurrentUserLogin,
OldPassword = "******",
NewPassword = "******",
ConfirmPassword = "******"
};
var result = Target.ChangePassword(viewModel, ButtonTypes.Save);
UsersManagement.DidNotReceiveWithAnyArgs().CheckUserPassword(Arg.Any<string>(), Arg.Any<string>());
UsersManagement.DidNotReceiveWithAnyArgs().ChangePassword(Arg.Any<string>(), Arg.Any<int>(), Arg.Any<string>());
Target.CommitProviderInstance.DidNotReceiveWithAnyArgs().Commit();
}
public void changePassword_post_AppraisalCompanyAdminAndAppraiser_cannot_change_pass_for_DvsUsers()
{
var userId = 33;
var viewModel = new UserChangePasswordViewModel()
{
LoginName = "*****@*****.**",
OldPassword = "******",
NewPassword = "******",
ConfirmPassword = "******"
};
InitTestUsers(RoleType.CompanyAdminAndAppraiser);
UsersManagement.GetByEmail(viewModel.LoginName).Returns(
new User()
{
Roles = new Role[] { new Role() { Id = (int)RoleType.DvsSuperAdmin } },
Id = userId
});
var result = Target.ChangePassword(viewModel, ButtonTypes.Save);
UsersManagement.DidNotReceiveWithAnyArgs().ChangePassword(viewModel.LoginName, userId, viewModel.NewPassword);
Target.CommitProviderInstance.DidNotReceiveWithAnyArgs().Commit();
UsersManagement.GetByEmail(viewModel.LoginName).Returns(
new User()
{
Roles = new Role[] { new Role() { Id = (int)RoleType.DvsAdmin } },
Id = userId
});
result = Target.ChangePassword(viewModel, ButtonTypes.Save);
UsersManagement.DidNotReceiveWithAnyArgs().ChangePassword(viewModel.LoginName, userId, viewModel.NewPassword);
Target.CommitProviderInstance.DidNotReceiveWithAnyArgs().Commit();
}
public void changePassword_post_Appraiser_cannt_change_pass_for_other_user()
{
var viewModel = new UserChangePasswordViewModel()
{
LoginName = "*****@*****.**",
OldPassword = "******",
NewPassword = "******",
ConfirmPassword = "******"
};
foreach (RoleType role in Enum.GetValues(typeof(RoleType)))
{
InitTestUsers(RoleType.Appraiser);
UsersManagement.GetByEmail(viewModel.LoginName).Returns(
new User()
{
Roles = new Role[] { new Role() { Id = (int)role } }
});
var result = Target.ChangePassword(viewModel, ButtonTypes.Save);
UsersManagement.DidNotReceiveWithAnyArgs().ChangePassword(Arg.Any<string>(), Arg.Any<int>(), Arg.Any<string>());
Target.CommitProviderInstance.DidNotReceiveWithAnyArgs().Commit();
}
}
public void changePassword_post_AppraisalCompanyAdmin_cannot_change_pass_for_other_company()
{
var userId = 32;
var viewModel = new UserChangePasswordViewModel()
{
LoginName = "*****@*****.**",
OldPassword = "******",
NewPassword = "******",
ConfirmPassword = "******"
};
InitTestUsers(RoleType.AppraisalCompanyAdmin);
UsersManagement.GetByEmail(viewModel.LoginName).Returns(
new User()
{
Email = viewModel.LoginName,
Roles = new Role[] { new Role() { Id = (int)RoleType.Appraiser }, },
Id = userId
});
AppraiserManager.GetByEmail(CurrentUserLogin).Returns(new AppraiserUser { Company = new Model.Entities.AppraisalCompany.AppraisalCompanyDetail() { CompanyId = "AAA" } });
AppraiserManager.GetByEmail(viewModel.LoginName).Returns(new AppraiserUser { Company = new Model.Entities.AppraisalCompany.AppraisalCompanyDetail() { CompanyId = "BBB" } });
var result = Target.ChangePassword(viewModel, ButtonTypes.Save);
UsersManagement.DidNotReceiveWithAnyArgs().ChangePassword(viewModel.LoginName, userId, viewModel.NewPassword);
Target.CommitProviderInstance.DidNotReceiveWithAnyArgs().Commit();
InitTestUsers(RoleType.CompanyAdminAndAppraiser);
result = Target.ChangePassword(viewModel, ButtonTypes.Save);
UsersManagement.DidNotReceiveWithAnyArgs().ChangePassword(viewModel.LoginName, userId, viewModel.NewPassword);
Target.CommitProviderInstance.DidNotReceiveWithAnyArgs().Commit();
}
public void changePassword_post_SuperDVSAdmin_can_change_pass_for_other_user()
{
var userId = 12;
var viewModel = new UserChangePasswordViewModel()
{
LoginName = "*****@*****.**",
OldPassword = "******",
NewPassword = "******",
ConfirmPassword = "******"
};
InitTestUsers(RoleType.DvsSuperAdmin);
UsersManagement.GetByEmail(viewModel.LoginName).Returns(
new User()
{
Roles = new Role[] { new Role() { Id = (int)RoleType.DvsSuperAdmin } },
Id = userId
});
var result = Target.ChangePassword(viewModel, ButtonTypes.Save);
UsersManagement.Received().ChangePassword(viewModel.LoginName, userId, viewModel.NewPassword);
Target.CommitProviderInstance.Received().Commit();
}
public void changePassword_post_should_allow_change_pass_if_for_current_user()
{
UsersManagement.CheckUserPassword(Arg.Any<string>(), Arg.Any<string>()).Returns(true);
var viewModel = new UserChangePasswordViewModel()
{
LoginName = CurrentUserLogin,
OldPassword = "******",
NewPassword = "******",
ConfirmPassword = "******"
};
InitTestUsers(RoleType.Appraiser);
var result = Target.ChangePassword(viewModel, ButtonTypes.Save);
UsersManagement.Received().CheckUserPassword(CurrentUserLogin, viewModel.OldPassword);
UsersManagement.Received().ChangePassword(CurrentUserLogin, Arg.Any<int>(), viewModel.NewPassword);
Target.CommitProviderInstance.ReceivedWithAnyArgs().Commit();
}
