public void DAvatar_WhenAskedForKey_ReturnsEmail_ID()
{
//Arrange: An avatar with a unique key is constructed.
DAvatar avatar = new DAvatar { Avatar_ID = -1 };
//Act: the key is retrieved.
int key = avatar.key;
//Assert: the key is the same as the friended user's ID.
Assert.AreEqual(key, avatar.Avatar_ID);
}
public void DAvatarWithHtmlMembers_WhenScrubbed_BecomesSafe()
{
//Arrange: An avatar with malicious sql members is constructed.
string malicious = "<div></div>";
DAvatar avatar = new DAvatar{
Title = malicious,
Url = malicious
};
//Act: The friended user is scrubbed.
avatar.Scrub();
//Assert: The friended user has no html in its members.
Assert.AreNotEqual(malicious, avatar.Title);
Assert.AreNotEqual(malicious, avatar.Url);
}
public void DAvatarWithSqlMembers_WhenScrubbed_BecomesSafe()
{
//Arrange: An avatar with malicious html and sql members is constructed.
string malicious = "1');DELETE TABLE dbo.example;--";
DAvatar avatar = new DAvatar{
Title = malicious,
Url = malicious
};
//Act: The friended user is scrubbed.
avatar.Scrub();
//Assert: The friended user has no html in its members.
Assert.AreNotEqual(malicious, avatar.Title);
Assert.AreNotEqual(malicious, avatar.Url);
}
public IEnumerable<DDrink> Avatar_Delete(int drink_ID, DAvatar deleting,
string username)
{
//drinks is a collection of all drinks belonging to given user.
IDataRepository<DDrink> drinks =
RepositoryFactory.Instance.Construct<DDrink>(username);
DDrink parent;
if((parent = drinks.FirstOrDefault(x => x.Drink_ID == drink_ID)) != null){
IDataRepository<DAvatar> avatars =
RepositoryFactory.Instance.Construct<DAvatar>(parent.Drink_ID);
if (deleting.DeleteValid()) {
avatars.Update(deleting);
//The drink has its avatar updated to reflect deletion in repository
parent.avatar = null;
parent.Avatar_ID = 0;
}
}
return drinks; //Targetted drink belongs to different user.
}
public IEnumerable<DDrink> Avatar_Create(int drink_ID, DAvatar creating,
string username)
{
//drinks is a collection of all drinks belonging to given user.
IDataRepository<DDrink> drinks =
RepositoryFactory.Instance.Construct<DDrink>(username);
DDrink parent;
if((parent = drinks.FirstOrDefault(x => x.Drink_ID == drink_ID)) != null){
//The drink having the avatar assigned belongs to the given user.
IDataRepository<DAvatar> avatars =
RepositoryFactory.Instance.Construct<DAvatar>(parent.Drink_ID);
if (creating.CreateValid()) {
avatars.Create(creating);
//The drink has its avatar updated to reflect creation in repository
parent.avatar = creating;
parent.Avatar_ID = creating.Avatar_ID;
}
}
return drinks;
}
public ActionResult Avatar_Update(DAvatar updating)
{
return View("Index");
}
public ActionResult Avatar_Delete(DAvatar deleting)
{
return View("Index");
}
public ActionResult Avatar_Create(DAvatar creating)
{
return View("Index");
}
