public async Task UpdateAsync_EmployeeTriesToChangeRole_ExceptionAsync()
{
await using var context = InMemoryDatabaseHelper.GetDbContext();
var userRepo = new UserRepository(context);
var userInDb = await new ApplicationUserFactory(
new FakeUser(
role: Role.Employee,
firstName: "Neo",
lastName: "Tom",
userName: "******"))
.BuildAsync(userRepo);
var newUserData = new UserDto(
id: userInDb.Id,
firstName: userInDb.FirstName + "1",
lastName: userInDb.LastName + "1",
userName: userInDb.Email + "1",
role: Role.HRManager);
var target = new UserService(
userRepository: userRepo,
authorizationManager: new FakeAuth(Role.Employee),
emailDomainValidatorService: new EmailDomainValidatorService("example.com|hipo.kz"),
emailSender: new UserEmailStub(),
userEvent: new UserEventStub());
await Assert.ThrowsAsync <NoPermissionsException>(() => target.UpdateAsync(newUserData));
}
private async Task ArrangeAndAssertValidSituationsAsync(List <UserDto> listOfUsers)
{
await using var context = InMemoryDatabaseHelper.GetDbContext();
var userRepo = new UserRepository(context);
var listOfUsersToImport = listOfUsers.ToArray();
var service = Target(context, new Mock <IAuthorizationManager>().Object);
int count = await service.ImportAsync(listOfUsersToImport);
Assert.True(count > 0);
Assert.Equal(listOfUsersToImport.Length, count);
var importedUsers = await userRepo.GetAllAsync();
Assert.Equal(count, importedUsers.Count);
foreach (User importedUser in importedUsers)
{
Assert.Equal(importedUser.Email, importedUser.Email.Trim());
Assert.Equal(importedUser.UserName, importedUser.UserName.Trim());
Assert.Equal(importedUser.FirstName, importedUser.FirstName.Trim());
Assert.Equal(importedUser.LastName, importedUser.LastName.Trim());
Assert.Equal(Role.Employee, importedUser.Role);
}
}
public async Task UpdateAsync_NotAdminLowerRole_ExceptionAsync(Role currentUserRole)
{
using (var context = InMemoryDatabaseHelper.GetDbContext())
{
var userRepo = new UserRepository(context, AutomapperSingleton.Mapper);
var user1 = await new ApplicationUserFactory(Role.Employee).BuildAsync(userRepo);
var user2 = await new ApplicationUserFactory(Role.Employee).BuildAsync(userRepo);
IAuthorizationManager authMock = new AuthManagerMockHelper(Role.SystemAdministrator).GetManager();
var service = Target(context, authMock);
var user = CreateAppUserForImport("John", "Test", "*****@*****.**");
long userId = await service.InsertAsync(user);
var newUser = await service.GetByIdAsync(userId);
newUser.Role = Role.SystemAdministrator;
await service.UpdateAsync(newUser);
authMock = new AuthManagerMockHelper(currentUserRole).GetManager();
service = Target(context, authMock);
newUser = await service.GetByIdAsync(userId);
newUser.Role = Role.Employee;
await Assert.ThrowsAsync <NoPermissionsException>(() => service.UpdateAsync(newUser));
}
}
public async Task UpdateAsync_AdminTriesToChangeHisRole_ExceptionAsync()
{
using (var context = InMemoryDatabaseHelper.GetDbContext())
{
const string oldEmail = "old email";
const string oldUsername = "******";
var userRepo = new UserRepository(context, AutomapperSingleton.Mapper);
var userInDb = await new ApplicationUserFactory(Role.SystemAdministrator).BuildAsync(userRepo);
var newUserData = new ApplicationUser
{
Id = userInDb.Id,
FirstName = userInDb.FirstName + "1",
LastName = userInDb.LastName + "1",
UserName = oldUsername + "1",
Email = oldEmail + "1",
Role = Role.Employee
};
var target = new UserService(
userRepo,
new AuthManagerMockHelper(userInDb).GetManager(),
emailDomainValidatorService: new EmailDomainValidatorService("gmail.com|hipo.kz"),
emailSender: new EmailSender(new SendGridClientFake()),
viewRenderer: new ViewRendererFake(),
baseUrls: new BaseUrls(_config));
await Assert.ThrowsAsync <BadRequestException>(() => target.UpdateAsync(newUserData));
}
}
public async Task UpdateAsync_EmployeeTriesToChangeRole_ExceptionAsync()
{
using (var context = InMemoryDatabaseHelper.GetDbContext())
{
var userRepo = new UserRepository(context, AutomapperSingleton.Mapper);
var userInDb = await new ApplicationUserFactory(
role: Role.Employee,
firstName: "Neo",
lastName: "Tom",
email: "*****@*****.**")
.BuildAsync(userRepo);
var newUserData = new ApplicationUser
{
Id = userInDb.Id,
FirstName = userInDb.FirstName + "1",
LastName = userInDb.LastName + "1",
UserName = userInDb.UserName + "1",
Email = userInDb.Email + "1",
Role = Role.HRManager
};
var target = new UserService(
userRepository: userRepo,
authorizationManager: new AuthManagerMockHelper(Role.Employee).GetManager(),
emailDomainValidatorService: new EmailDomainValidatorService("gmail.com|hipo.kz"),
emailSender: new EmailSender(new SendGridClientFake()),
viewRenderer: new ViewRendererFake(),
baseUrls: new BaseUrls(_config));
await Assert.ThrowsAsync <NoPermissionsException>(() => target.UpdateAsync(newUserData));
}
}
public async Task UpdateAsync_AdminTriesToChangeHisRole_ExceptionAsync()
{
await using var context = InMemoryDatabaseHelper.GetDbContext();
const string oldEmail = "old email";
var userRepo = new UserRepository(context);
var userInDb = await new ApplicationUserFactory(Role.SystemAdministrator).BuildAsync(userRepo);
var newUserData = new UserDto(
userInDb.Id,
firstName: userInDb.FirstName + "1",
lastName: userInDb.LastName + "1",
userName: oldEmail + "1",
role: Role.Employee);
var target = new UserService(
userRepository: userRepo,
authorizationManager: new FakeAuth(userInDb),
emailDomainValidatorService: new EmailDomainValidatorService("example.com|hipo.kz"),
emailSender: new UserEmailStub(),
userEvent: new UserEventStub());
await Assert.ThrowsAsync <BadAssException>(() => target.UpdateAsync(newUserData));
}
public async Task SendCustomEmail_OkAsync(Role role)
{
using (var dbContext = InMemoryDatabaseHelper.GetDbContext())
{
var user = await new ApplicationUserFactory(role).BuildAsync(dbContext);
var emailContent = new EmailContent(
@from: "*****@*****.**",
subject: "test",
body: "<p> Hello world </P>",
recipients: new List <string>()
{
"*****@*****.**"
});
var emailSender = new Mock <IEmailSender>();
emailSender
.Setup(x => x.SendSingleEmailAsync(It.IsAny <IEmailContent>()))
.ReturnsAsync((IEmailContent x) =>
{
Assert.Single(x.Recipients);
Assert.Empty(x.Cc);
Assert.Equal(emailContent.Subject, x.Subject);
Assert.Equal(emailContent.From, x.From);
Assert.True(x.Recipients.Contains("*****@*****.**"));
return(It.IsAny <IEmailResponse>());
});
var service = Target(user, emailSender);
await service.SendCustomEmailAsync(emailContent);
}
}
public async Task Delete_AnotherUser_OkAsync()
{
await using var context = InMemoryDatabaseHelper.GetDbContext();
var userRepo = new UserRepository(context);
var userToDelete = await new ApplicationUserFactory(Role.Employee).BuildAsync(userRepo);
var anotherUser = await new ApplicationUserFactory(Role.Employee).BuildAsync(userRepo);
var service = Target(context, new FakeAuth(Role.HRManager));
await service.DeleteAsync(userToDelete.Id);
IReadOnlyCollection <User> activeUsers = await service.GetAllAsync();
Assert.Single(activeUsers);
Assert.True(activeUsers.All(x => x.DeletedAt == null));
Assert.Equal(anotherUser.Id, activeUsers.First().Id);
IReadOnlyCollection <User> inactiveUsers = await userRepo.InactiveUsersAsync();
Assert.NotEmpty(inactiveUsers);
Assert.Single(inactiveUsers);
var inactiveUser = inactiveUsers.First();
Assert.Equal(userToDelete.Id, inactiveUser.Id);
}
public async Task ImportAsync_DatabaseContainsNotUniqueUsers_OkAsync()
{
var listOfUsers = new List <ApplicationUser>
{
CreateAppUserForImport("John", "Smith", "*****@*****.**"),
};
var listOfUsersToImport = listOfUsers.ToArray();
using (var context = InMemoryDatabaseHelper.GetDbContext())
{
await context.Users.AddAsync(new DbUser
{
FirstName = "John",
LastName = "Smith",
Email = "*****@*****.**"
});
await context.SaveChangesAsync();
Assert.Equal(1, await context.Users.CountAsync());
var service = Target(context, new Mock <IAuthorizationManager>().Object);
Assert.Equal(0, await service.ImportAsync(listOfUsersToImport));
Assert.Equal(1, await context.Users.CountAsync());
}
}
public async Task Delete_TryToDeleteNotExistingUser_ExceptionAsync()
{
await using var context = InMemoryDatabaseHelper.GetDbContext();
var service = Target(context, new FakeAuth(Role.HRManager));
Assert.Empty(await context.Users.ToArrayAsync());
await Assert.ThrowsAsync <ResourceNotFoundException>(() => service.DeleteAsync(1));
}
public async Task InsertAsync_WrongDomain_ExceptionAsync()
{
var user = new UserDto("John", "Smith", "*****@*****.**");
await using var context = InMemoryDatabaseHelper.GetDbContext();
var service = Target(context, new Mock <IAuthorizationManager>().Object);
await Assert.ThrowsAsync <BadAssException>(() => service.InsertAsync(user));
}
public async Task InsertAsync_WrongDomain_ExceptionAsync()
{
var user = CreateAppUserForImport("John", "Smith", "*****@*****.**");
using (var context = InMemoryDatabaseHelper.GetDbContext())
{
var service = Target(context, new Mock <IAuthorizationManager>().Object);
await Assert.ThrowsAsync <BadRequestException>(() => service.InsertAsync(user));
}
}
public async Task Delete_TryToDeleteMyself_ExceptionAsync()
{
await using var context = InMemoryDatabaseHelper.GetDbContext();
var userRepo = new UserRepository(context);
var userToDelete = await new ApplicationUserFactory(Role.SystemAdministrator).BuildAsync(userRepo);
var service = Target(context, new FakeAuth(userToDelete));
await Assert.ThrowsAsync <BadAssException>(() => service.DeleteAsync(userToDelete.Id));
}
public async Task Delete_TryToDeleteMyself_ExceptionAsync()
{
using (var context = InMemoryDatabaseHelper.GetDbContext())
{
var userRepo = new UserRepository(context, AutomapperSingleton.Mapper);
var userToDelete = await new ApplicationUserFactory(Role.SystemAdministrator).BuildAsync(userRepo);
var service = Target(context, new AuthManagerMockHelper(userToDelete).GetManager());
await Assert.ThrowsAsync <BadRequestException>(() => service.DeleteAsync(userToDelete.Id));
}
}
public async Task SearchAsync_NoUsers_WithRoles_OkAsync()
{
await using var context = InMemoryDatabaseHelper.GetDbContext();
var userRepo = new UserRepository(context);
var target = Target(context, new FakeAuth(Role.SystemAdministrator));
PageModel pageModel = new PageModel();
var users = await target.SearchAsync("q", pageModel);
Assert.Empty(users.Results);
}
public async Task UserByEmailAsync_HasNoUser_ReturnsNull_OkAsync()
{
using (var context = InMemoryDatabaseHelper.GetDbContext())
{
var userREpo = new UserRepositoryForIdentity(context, AutomapperSingleton.Mapper);
await new ApplicationUserFactory(Role.Employee, email: "*****@*****.**")
.BuildAsync(context);
var target = new UserServiceForIdentityServer(userREpo);
Assert.Null(await target.UserByEmailOrNullAsync("No_email_like_this"));
}
}
public async Task SendInviteEmailsAsync_NotAllowedUsers_ExceptionAsync(Role currentUserRole)
{
await using var context = InMemoryDatabaseHelper.GetDbContext();
var userRepo = new UserRepository(context);
var user1 = await new ApplicationUserFactory(Role.Employee).BuildAsync(userRepo);
var user2 = await new ApplicationUserFactory(Role.Employee).CreateConfirmedAsync(context);
IAuthorizationManager authMock = new FakeAuth(currentUserRole);
var service = Target(context, authMock);
await Assert.ThrowsAsync <NoPermissionsException>(() => service.SendInviteEmailsAsync());
}
public async Task RemoveNonConfirmedUsersFromDatabaseAsync_ConfirmedUsersWasNotRemoved_OkAsync()
{
await using var context = InMemoryDatabaseHelper.GetDbContext();
var userRepo = new UserRepository(context);
var anotherUser = await new ApplicationUserFactory(Role.Employee).CreateConfirmedAsync(context);
var userToRemove = await new ApplicationUserFactory(Role.SystemAdministrator).CreateConfirmedAsync(context);
var service = Target(context, new FakeAuth(Role.SystemAdministrator));
await service.RemoveNonConfirmedUsersFromDatabaseAsync();
var users = await userRepo.GetAllAsync();
Assert.Equal(2, users.Count);
}
public async Task GetByIdAsync_UserReturnsWithRole_OkAsync(Role userRole)
{
await using DatabaseContext context = InMemoryDatabaseHelper.GetDbContext();
var userRepo = new UserRepository(context);
var user = await new ApplicationUserFactory(userRole)
.BuildAsync(userRepo);
var target = Target(context, new FakeAuth(Role.HRManager));
user = await target.GetByIdAsync(user.Id);
Assert.NotNull(user);
Assert.Equal(userRole, user.Role);
}
public async Task GetByIdAsync_OkAsync(Role currentUser)
{
using (DatabaseContext context = InMemoryDatabaseHelper.GetDbContext())
{
var userRepo = new UserRepository(context, AutomapperSingleton.Mapper);
var user = await new ApplicationUserFactory(Role.Employee)
.BuildAsync(userRepo);
var target = Target(context, new AuthManagerMockHelper(currentUser).GetManager());
user = await target.GetByIdAsync(user.Id);
Assert.NotNull(user);
}
}
public async Task GetByIdAsync_UserReturnsWithRole_OkAsync(Role userRole)
{
using (DatabaseContext context = InMemoryDatabaseHelper.GetDbContext())
{
var userRepo = new UserRepository(context, AutomapperSingleton.Mapper);
var user = await new ApplicationUserFactory(userRole)
.BuildAsync(userRepo);
var target = Target(context, new AuthManagerMockHelper(Role.HRManager).GetManager());
user = await target.GetByIdAsync(user.Id);
Assert.NotNull(user);
Assert.Equal(userRole, user.Role);
}
}
public async Task UserByEmailAsync_HasUser_BeingReturned_OkAsync()
{
using (var context = InMemoryDatabaseHelper.GetDbContext())
{
var userREpo = new UserRepositoryForIdentity(context, AutomapperSingleton.Mapper);
var addedUser = await new ApplicationUserFactory(Role.Employee, email: "*****@*****.**")
.BuildAsync(context);
var target = new UserServiceForIdentityServer(userREpo);
var user = await target.UserByEmailOrNullAsync("*****@*****.**");
Assert.NotNull(user);
Assert.Equal(addedUser.Id, user.Id);
Assert.Equal(Role.Employee, user.Role);
}
}
public async Task InsertAsync_NoFunctionalManager_OkAsync(Role currentUserRole)
{
await using var context = InMemoryDatabaseHelper.GetDbContext();
IAuthorizationManager authMock = new FakeAuth(currentUserRole);
var service = Target(context, authMock);
User user = await service.GetByIdAsync(
await service.InsertAsync(
new UserDto("John", "Test", "*****@*****.**")));
Assert.Equal(Role.Employee, user.Role);
Assert.Equal("John", user.FirstName);
Assert.Equal("Test", user.LastName);
Assert.Equal("*****@*****.**", user.UserName);
Assert.Equal("*****@*****.**", user.Email);
}
public async Task UpdateAsync_SysAdminChangesRoleForOtherUser_OkAsync()
{
using (var context = InMemoryDatabaseHelper.GetDbContext())
{
var userRepo = new UserRepository(context, AutomapperSingleton.Mapper);
var userInDb = await new ApplicationUserFactory(
role: Role.Employee,
firstName: "Neo",
lastName: "Tom",
email: "*****@*****.**")
.BuildAsync(userRepo);
var newUserData = new ApplicationUser
{
Id = userInDb.Id,
FirstName = userInDb.FirstName + "1",
LastName = userInDb.LastName + "1",
UserName = userInDb.UserName + "1",
Email = userInDb.Email + "1",
Role = Role.HRManager
};
var target = new UserService(
userRepository: userRepo,
authorizationManager: new AuthManagerMockHelper(Role.SystemAdministrator).GetManager(),
emailDomainValidatorService: new EmailDomainValidatorService("gmail.com|hipo.kz"),
emailSender: new EmailSender(new SendGridClientFake()),
viewRenderer: new ViewRendererFake(),
baseUrls: new BaseUrls(_config));
await target.UpdateAsync(newUserData);
userInDb = await target.GetByIdAsync(userInDb.Id);
// was changed
Assert.Equal("Neo1", userInDb.FirstName);
Assert.Equal("Tom1", userInDb.LastName);
// Was not changed
Assert.Equal("*****@*****.**", userInDb.Email);
Assert.Equal("*****@*****.**", userInDb.UserName);
Assert.Equal(Role.HRManager, userInDb.Role);
}
}
public async Task SendCustomEmail_NotAllowedRoles_ExceptionAsync(Role role)
{
using (var dbContext = InMemoryDatabaseHelper.GetDbContext())
{
var user = await new ApplicationUserFactory(role).BuildAsync(dbContext);
var emailContent = new EmailContent(
@from: "*****@*****.**",
subject: "test",
body: "<p> Hello world </P>",
recipients: new List <string>()
{
"*****@*****.**"
});
var service = Target(user);
await Assert.ThrowsAsync <NoPermissionsException>(() => service.SendCustomEmailAsync(emailContent));
}
}
public async Task InsertAsync_NoFunctionalManager_OkAsync(Role currentUserRole)
{
using (var context = InMemoryDatabaseHelper.GetDbContext())
{
IAuthorizationManager authMock = new AuthManagerMockHelper(currentUserRole).GetManager();
var service = Target(context, authMock);
ApplicationUser user = await service.GetByIdAsync(
await service.InsertAsync(
CreateAppUserForImport("John", "Test", "*****@*****.**")));
Assert.Equal(Role.Employee, user.Role);
Assert.Equal("John", user.FirstName);
Assert.Equal("Test", user.LastName);
Assert.Equal("*****@*****.**", user.UserName);
Assert.Equal("*****@*****.**", user.Email);
}
}
public async Task ImportAsync_WrongDomain_ExceptionAsync()
{
var listOfUsers = new List <UserDto>
{
new UserDto("John", "Smith", "*****@*****.**")
};
await using var context = InMemoryDatabaseHelper.GetDbContext();
var listOfUsersToImport = listOfUsers.ToArray();
var service = new UserService(
userRepository: new UserRepository(context),
authorizationManager: new Mock <IAuthorizationManager>().Object,
emailDomainValidatorService: new EmailDomainValidatorService("example.com|hipo.kz"),
emailSender: new UserEmailStub(),
userEvent: new UserEventStub());
await Assert.ThrowsAsync <BadAssException>(() => service.ImportAsync(listOfUsersToImport));
}
public async Task GetAllAsync_WithRoles_OkAsync()
{
await using var context = InMemoryDatabaseHelper.GetDbContext();
var userRepo = new UserRepository(context);
var user1 = await new ApplicationUserFactory(Role.Employee).BuildAsync(userRepo);
var user2 = await new ApplicationUserFactory(Role.HRManager).BuildAsync(userRepo);
var user3 = await new ApplicationUserFactory(Role.TopManager).BuildAsync(userRepo);
var target = Target(context, new FakeAuth(Role.SystemAdministrator));
var users = await target.GetAllAsync();
Assert.NotEmpty(users);
Assert.Equal(3, users.Count);
Assert.Equal(Role.Employee, users.ElementAt(0).Role);
Assert.Equal(Role.HRManager, users.ElementAt(1).Role);
Assert.Equal(Role.TopManager, users.ElementAt(2).Role);
}
public async Task SearchAsync_NoConfirmedUsers_WithRoles_OkAsync()
{
await using var context = InMemoryDatabaseHelper.GetDbContext();
var userRepo = new UserRepository(context);
var target = Target(context, new FakeAuth(Role.SystemAdministrator));
PageModel pageModel = new PageModel();
var user = await new ApplicationUserFactory(
new FakeUser(
Role.Employee,
firstName: "user1_name",
lastName: "user1_surname",
userName: "******"))
.BuildAsync(context);
var users = await target.SearchAsync("u", pageModel);
Assert.Empty(users.Results);
}
public async Task UpdateAsync_NotAdminSetHigherRole_ExceptionAsync(Role currentUserRole)
{
await using var context = InMemoryDatabaseHelper.GetDbContext();
var userRepo = new UserRepository(context);
var user1 = await new ApplicationUserFactory(Role.Employee).BuildAsync(userRepo);
var user2 = await new ApplicationUserFactory(Role.Employee).BuildAsync(userRepo);
IAuthorizationManager authMock = new FakeAuth(currentUserRole);
var service = Target(context, authMock);
var data = new UserDto("John", "Test", "*****@*****.**");
long userId = await service.InsertAsync(data);
data = AutomapperSingleton.Map <UserDto>(await service.GetByIdAsync(userId));
data.Role = Role.SystemAdministrator;
await Assert.ThrowsAsync <BadAssException>(() => service.UpdateAsync(data));
}
