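/// <summary>
/// Builds the teacher upload partial for an activity, module or course and,
/// unless <paramref name="refresh"/> is set, stores the posted document for it.
/// </summary>
/// <param name="postedFile">The uploaded document; null when the request carried no file.</param>
/// <param name="id">
/// Target key: a one-letter scope prefix ('a' activity, 'm' module, 'c' course)
/// followed by the numeric id of that entity.
/// </param>
/// <param name="refresh">When true the file list is reloaded and nothing is saved.</param>
/// <returns>The <c>_TeacherUploader</c> partial view with the populated view model.</returns>
/// <remarks>
/// NOTE(review): this method does not itself check that the current user may attach
/// files to the addressed entity, nor does it limit the size or type of the upload.
/// If that is enforced by a filter or attribute outside this method, confirm it;
/// otherwise it belongs here. The bytes land under ~/Uploads/, so also confirm that
/// folder is not served or executed directly by the web server.
/// </remarks>
public ActionResult TeacherUploader(HttpPostedFileBase postedFile, string id, bool refresh = false)
{
    TeacherUploadViewModel tuvm = new TeacherUploadViewModel();
    tuvm.Id = id;
    tuvm.Files = new List<FileDocument>();
    var currentUser = UserUtils.GetCurrentUser(HttpContext);

    try
    {
        // A null or empty id throws on Substring and is reported by the catch below.
        int intId;
        if (int.TryParse(id.Substring(1), out intId))
        {
            FileDocument file = new FileDocument();
            file.MemberId = currentUser.Id;
            file.TimeStamp = DateTime.Now;

            // Becomes true only when the prefix is known AND the entity exists, so an
            // upload can never be stored without an owner.
            bool targetFound = false;

            switch (id[0])
            {
                case 'a':
                    Activity activity = db.Activities.Find(intId);
                    if (activity != null)
                    {
                        file.ActivityId = activity.Id;
                        tuvm.ActivityName = activity.Name;
                        tuvm.Files = activity.Files;
                        targetFound = true;
                    }
                    break;

                case 'm':
                    Module module = db.Modules.Find(intId);
                    if (module != null)
                    {
                        file.ModuleId = module.Id;
                        tuvm.ModuleName = module.Name;
                        tuvm.Files = module.Files;
                        targetFound = true;
                    }
                    break;

                case 'c':
                    Course course = db.Courses.Find(intId);
                    if (course != null)
                    {
                        file.CourseId = course.Id;
                        tuvm.CourseName = course.Name;
                        tuvm.Files = course.Files;
                        targetFound = true;
                    }
                    break;

                default:
                    break;
            }

            if (!refresh)
            {
                if (postedFile != null && targetFound)
                {
                    // FileName is client-controlled and some browsers send a full client-side
                    // path; keep only the leaf name in the stored display name.
                    file.Name = Path.GetFileName(postedFile.FileName);

                    string path = Server.MapPath("~/Uploads/");
                    if (!Directory.Exists(path))
                    {
                        Directory.CreateDirectory(path);
                    }

                    // The row is saved first because the on-disk name is derived from the
                    // generated id, never from the client-supplied file name.
                    // NOTE(review): if SaveAs fails the row stays behind without a file.
                    db.Files.Add(file);
                    db.SaveChanges();
                    postedFile.SaveAs(path + file.Id.Encode().ToString());

                    TempData["alert"] = "success|Dokumentet är uppladdat!";
                }
                else
                {
                    TempData["alert"] = "danger|Kunde inte lägga till dokument";
                }
            }
        }
    }
    catch (Exception)
    {
        // NOTE(review): the exception is discarded; logging it here would make failed
        // or hostile uploads visible to operators.
        TempData["alert"] = "danger|Allvarligt fel!";
    }

    return PartialView("_TeacherUploader", tuvm);
}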
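/// <summary>
/// Checks that a POST with <c>cascade=delta</c> on /A adds a grant to the subtree
/// while the grants previously PUT on /A/B with <c>cascade=absolute</c> are kept.
/// </summary>
public void TestPostDeltas()
{
    // Assumptions:
    //   Role 'Contributor' exists
    //   Role 'Viewer' exists
    // Actions:
    //   Create User1, User2 and User3
    //   User1 and User2 are contributors on /A/B*
    //   User3 is a viewer on /A* (grant added as a delta)
    // Expected result:
    //   User3 is viewer on /A*
    //   User1 and User2 are still contributors on /A/B*

    Plug p = Utils.BuildPlugForAdmin();
    string baseTreePath = PageUtils.BuildPageTree(p);

    string userid1 = null;
    DreamMessage msg = UserUtils.CreateRandomContributor(p, out userid1);
    string userid2 = null;
    msg = UserUtils.CreateRandomContributor(p, out userid2);
    string userid3 = null;
    msg = UserUtils.CreateRandomContributor(p, out userid3);

    // Absolute grant set for /A/B and below: private, User1 and User2 as contributors.
    XDoc securityDoc = new XDoc("security")
        .Start("permissions.page")
            .Elem("restriction", "Private")
        .End()
        .Start("grants")
            .Start("grant")
                .Start("permissions")
                    .Elem("role", "Contributor")
                .End()
                .Start("user").Attr("id", userid1).End()
            .End()
            .Start("grant")
                .Start("permissions")
                    .Elem("role", "Contributor")
                .End()
                .Start("user").Attr("id", userid2).End()
            .End()
        .End();
    msg = p.At("pages", "=" + XUri.DoubleEncode(baseTreePath + "/A/B"), "security").
        WithQuery("cascade=absolute").Put(securityDoc);
    Assert.AreEqual(DreamStatus.Ok, msg.Status);

    // Delta for /A and below: only adds User3 as viewer.
    securityDoc = new XDoc("security")
        .Start("permissions.page")
            .Elem("restriction", "Private")
        .End()
        .Start("grants.added")
            .Start("grant")
                .Start("permissions")
                    .Elem("role", "Viewer")
                .End()
                .Start("user").Attr("id", userid3).End()
            .End()
        .End();
    msg = p.At("pages", "=" + XUri.DoubleEncode(baseTreePath + "/A"), "security").
        WithQuery("cascade=delta").Post(securityDoc);
    Assert.AreEqual(DreamStatus.Ok, msg.Status);

    // Expected value first, as in the status assertions above, so a failure
    // reports "expected Viewer but was ..." the right way round.
    msg = p.At("pages", "=" + XUri.DoubleEncode(baseTreePath + "/A"), "security").Get();
    Assert.AreEqual("Viewer", msg.ToDocument()[string.Format("grants/grant[user/@id=\"{0}\"]/permissions/role", userid3)].Contents);

    // A descendant of /A/B must carry the earlier grants plus the added one.
    msg = p.At("pages", "=" + XUri.DoubleEncode(baseTreePath + "/A/B/C"), "security").Get();
    Assert.AreEqual("Private", msg.ToDocument()["permissions.page/restriction"].Contents);
    Assert.AreEqual("Contributor", msg.ToDocument()[string.Format("grants/grant[user/@id=\"{0}\"]/permissions/role", userid1)].Contents);
    Assert.AreEqual("Contributor", msg.ToDocument()[string.Format("grants/grant[user/@id=\"{0}\"]/permissions/role", userid2)].Contents);
    Assert.AreEqual("Viewer", msg.ToDocument()[string.Format("grants/grant[user/@id=\"{0}\"]/permissions/role", userid3)].Contents);
}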
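/// <summary>
/// Regression test: a contributor who is granted access both directly and through
/// two groups must be able to remove one of the group grants from a private page.
/// </summary>
public void FailedPermissionChangeWhenPartOfMultipleGroups()
{
    // Assumptions:
    //   Role 'Contributor' exists
    // Actions:
    //   Create user1 with the "Contributor" role
    //   Create group1 and group2, each containing user1
    //   Create a new page and make it private
    //   Grant Contributor on the page to user1, group1 and group2
    //   Log in as user1
    //   Remove group2 from the list of grants
    // Expected result:
    //   The list of grants no longer contains group2

    Plug p = Utils.BuildPlugForAdmin();

    string userid = null;
    string username = null;
    DreamMessage msg = UserUtils.CreateRandomContributor(p, out userid, out username);

    string groupid1 = null;
    msg = UserUtils.CreateRandomGroup(p, new string[] { userid }, out groupid1);
    string groupid2 = null;
    msg = UserUtils.CreateRandomGroup(p, new string[] { userid }, out groupid2);

    string pageid = null;
    msg = PageUtils.CreateRandomPage(p, out pageid);

    XDoc securityDoc = new XDoc("security")
        .Start("permissions.page")
            .Elem("restriction", "Private")
        .End()
        .Start("grants")
            .Start("grant")
                .Start("permissions")
                    .Elem("role", "Contributor")
                .End()
                .Start("user").Attr("id", userid).End()
            .End()
            .Start("grant")
                .Start("permissions")
                    .Elem("role", "Contributor")
                .End()
                .Start("group").Attr("id", groupid1).End()
            .End()
            .Start("grant")
                .Start("permissions")
                    .Elem("role", "Contributor")
                .End()
                .Start("group").Attr("id", groupid2).End()
            .End()
        .End();
    msg = p.At("pages", pageid, "security").Put(securityDoc);
    Assert.IsTrue(msg.IsSuccessful, "Failed to set page to private");

    // From here on every request is made as user1, not as admin.
    p = Utils.BuildPlugForUser(username);

    securityDoc = new XDoc("security")
        .Start("permissions.page")
            .Elem("restriction", "Private")
        .End()
        .Start("grants.removed")
            .Start("grant")
                .Start("permissions")
                    .Elem("role", "Contributor")
                .End()
                .Start("group").Attr("id", groupid2).End()
            .End()
        .End();
    msg = p.At("pages", pageid, "security").Post(securityDoc);

    // This step removes a grant; the message used to repeat the text of the
    // earlier PUT and pointed at the wrong step when it failed.
    Assert.IsTrue(msg.IsSuccessful, "Failed to remove the group2 grant as user1");

    // Expected value first so failure output reads correctly.
    Assert.AreEqual("Private", msg.ToDocument()["permissions.page/restriction"].Contents);
    Assert.AreEqual("Contributor", msg.ToDocument()[string.Format("grants/grant[user/@id=\"{0}\"]/permissions/role", userid)].Contents);
    Assert.AreEqual("Contributor", msg.ToDocument()[string.Format("grants/grant[group/@id=\"{0}\"]/permissions/role", groupid1)].Contents);
    Assert.IsTrue(msg.ToDocument()[string.Format("grants/grant[group/@id=\"{0}\"]/permissions/role", groupid2)].IsEmpty);
}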
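/// <summary>
/// Initialises an existing, never-used account: assigns its username, e-mail address
/// and password inside one transaction and returns the resulting membership user.
/// </summary>
/// <param name="username">Desired username; must be at least <c>MinUsernameLength</c> long and contain no spaces.</param>
/// <param name="password">Initial password; must pass <c>ValidateNewPassword</c> and the ValidatingPassword event.</param>
/// <param name="email">E-mail address stored on the account.</param>
/// <param name="passwordQuestion">Not used by this provider.</param>
/// <param name="passwordAnswer">Not used by this provider.</param>
/// <param name="isApproved">Not used by this provider.</param>
/// <param name="providerUserKey">Boxed <c>int</c> id of the existing account to initialise.</param>
/// <param name="status">Receives the outcome of the call.</param>
/// <returns>The initialised user, or null when <paramref name="status"/> is not Success.</returns>
/// <remarks>
/// NOTE(review): the only precondition checked on the account is that it already exists
/// and has never logged in. Whether the caller is entitled to claim that particular key
/// is not decided here; confirm the callers establish it.
/// </remarks>
public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
{
    // A null or non-int key used to escape as NullReferenceException/InvalidCastException
    // with status unassigned for the caller; report it through the status instead.
    if (!(providerUserKey is int))
    {
        status = MembershipCreateStatus.InvalidProviderUserKey;
        return null;
    }

    var user = new UserEntity((int)providerUserKey);

    // Only an account that exists and has never logged in may be initialised.
    if (user.IsNew || user.LastLoginTime.HasValue)
    {
        status = MembershipCreateStatus.InvalidProviderUserKey;
        return null;
    }

    if (username == null || username.Length < MinUsernameLength || username.Contains(" "))
    {
        status = MembershipCreateStatus.InvalidUserName;
        return null;
    }

    if (!ValidateNewPassword(password))
    {
        status = MembershipCreateStatus.InvalidPassword;
        return null;
    }

    // Give ValidatingPassword subscribers the chance to veto the password.
    var args = new ValidatePasswordEventArgs(username, password, true);
    OnValidatingPassword(args);
    if (args.Cancel)
    {
        status = MembershipCreateStatus.InvalidPassword;
        return null;
    }

    // NOTE(review): this lookup runs outside the transaction below, so two concurrent
    // calls can both pass it; uniqueness has to be backed by a constraint in the store.
    if (UserUtils.GetByUsername(username) != null)
    {
        status = MembershipCreateStatus.DuplicateUserName;
        return null;
    }

    Transaction transaction = new Transaction(IsolationLevel.ReadCommitted, "user initialization");
    try
    {
        transaction.Add(user);
        user.Username = username;
        user.EmailAddress = email;
        SetPassword(user, password, transaction);
        user.Save();
        transaction.Commit();

        status = MembershipCreateStatus.Success;
        return GetUser(username, true);
    }
    catch (Exception)
    {
        // NOTE(review): the cause is discarded; logging it would make provider failures diagnosable.
        transaction.Rollback();
        status = MembershipCreateStatus.ProviderError;
    }
    finally
    {
        transaction.Dispose();
    }

    return null;
}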
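/// <summary>
/// Checks that a PUT with <c>cascade=absolute</c> on /A replaces the grants that were
/// set earlier on /A/B, leaving only the grant given on /A.
/// </summary>
public void TestAbsoluteCascading()
{
    // Assumptions:
    //   Role 'Contributor' exists
    // Actions:
    //   Create User1 and User2
    //   User1 is contributor on /A/B/* with absolute cascading
    //   User2 is contributor on /A* with absolute cascading
    // Expected result:
    //   /A/* including /A/B does not have User1 as contributor

    Plug p = Utils.BuildPlugForAdmin();
    string baseTreePath = PageUtils.BuildPageTree(p);

    string userid1 = null;
    DreamMessage msg = UserUtils.CreateRandomContributor(p, out userid1);
    string userid2 = null;
    msg = UserUtils.CreateRandomContributor(p, out userid2);

    XDoc securityDoc = new XDoc("security")
        .Start("permissions.page")
            .Elem("restriction", "Private")
        .End()
        .Start("grants")
            .Start("grant")
                .Start("permissions")
                    .Elem("role", "Contributor")
                .End()
                .Start("user").Attr("id", userid1).End()
            .End()
        .End();
    msg = p.At("pages", "=" + XUri.DoubleEncode(baseTreePath + "/A/B"), "security").
        WithQuery("cascade=absolute").Put(securityDoc);
    Assert.AreEqual(DreamStatus.Ok, msg.Status);

    securityDoc = new XDoc("security")
        .Start("permissions.page")
            .Elem("restriction", "Private")
        .End()
        .Start("grants")
            .Start("grant")
                .Start("permissions")
                    .Elem("role", "Contributor")
                .End()
                .Start("user").Attr("id", userid2).End()
            .End()
        .End();
    msg = p.At("pages", "=" + XUri.DoubleEncode(baseTreePath + "/A"), "security").
        WithQuery("cascade=absolute").Put(securityDoc);
    Assert.AreEqual(DreamStatus.Ok, msg.Status);

    // /A/B must now show exactly one grant, and it must belong to User2.
    // Expected value first, matching the status assertions above.
    msg = p.At("pages", "=" + XUri.DoubleEncode(baseTreePath + "/A/B"), "security").Get();
    Assert.AreEqual("Private", msg.ToDocument()["permissions.page/restriction"].Contents);
    Assert.AreEqual(userid2, msg.ToDocument()["grants/grant[1]/user/@id"].Contents);
    Assert.IsTrue(msg.ToDocument()["grants/grant[2]"].IsEmpty);
}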
/// <summary>
/// Creates the database if needed and fills it with demonstration data: the five roles,
/// one account per staff role, seven students, one college structure, one subject with
/// topics, and five marks for the first student.
/// </summary>
/// <returns>
/// <c>Ok("Seeding Success")</c> on success, or the bare string "Seeding Error" when
/// anything inside the guarded section throws.
/// </returns>
/// <remarks>
/// NOTE(review): every seeded account, including the one in the Admin role, gets the same
/// password that is written in this source file. Confirm this method cannot run against a
/// deployed database, or take the password from configuration and force a change on first login.
/// NOTE(review): the bare catch discards the exception, and the results of the role
/// creation calls are not inspected.
/// </remarks>
public async Task<object> Seed()
{
    // Shared by all seeded accounts; see the review note above.
    const string seedPassword = "_Wsda1234";

    await _context.Database.EnsureCreatedAsync();

    foreach (var roleName in new[] { "Admin", "Director", "Curator", "Teacher", "Student" })
    {
        await _roleManager.CreateAsync(new IdentityRole(roleName));
    }

    try
    {
        var seededCollege = _context.Colleges.Add(new College { Name = "МРК" }).Entity;

        // Accounts are created one after another, in the same order as before.
        await UserUtils.CreateUser(_userManager, "*****@*****.**", seedPassword, "Admin");

        var directorUser = await UserUtils.CreateUser(_userManager, "*****@*****.**", seedPassword, "Director");
        directorUser.FirstName = "Сергей";
        directorUser.LastName = "Анкуда";

        var curatorUser = await UserUtils.CreateUser(_userManager, "*****@*****.**", seedPassword, "Curator");
        curatorUser.FirstName = "Елена";
        curatorUser.LastName = "Клемято";

        var teacherUser = await UserUtils.CreateUser(_userManager, "*****@*****.**", seedPassword, "Teacher");
        teacherUser.FirstName = "Марина";
        teacherUser.LastName = "Бельчик";

        var studentUser = await UserUtils.CreateUser(_userManager, "*****@*****.**", seedPassword, "Student");
        studentUser.FirstName = "Владислав";
        studentUser.LastName = "Добрицкий";

        var studentUser1 = await UserUtils.CreateUser(_userManager, "*****@*****.**", seedPassword, "Student");
        studentUser1.FirstName = "Андросов";
        studentUser1.LastName = "Павел";

        var studentUser2 = await UserUtils.CreateUser(_userManager, "*****@*****.**", seedPassword, "Student");
        studentUser2.FirstName = "Бубневич";
        studentUser2.LastName = "Илья";

        var studentUser3 = await UserUtils.CreateUser(_userManager, "*****@*****.**", seedPassword, "Student");
        studentUser3.FirstName = "Голодок";
        studentUser3.LastName = "Андрей";

        var studentUser4 = await UserUtils.CreateUser(_userManager, "*****@*****.**", seedPassword, "Student");
        studentUser4.FirstName = "Гуриш";
        studentUser4.LastName = "Елизавета";

        var studentUser5 = await UserUtils.CreateUser(_userManager, "*****@*****.**", seedPassword, "Student");
        studentUser5.FirstName = "Зазаульничкий";
        studentUser5.LastName = "Дмитрий";

        var studentUser7 = await UserUtils.CreateUser(_userManager, "*****@*****.**", seedPassword, "Student");
        studentUser7.FirstName = "Колышко";
        studentUser7.LastName = "Кирилл";

        // College structure: specialty -> group -> sub-group.
        var seededSpecialty = _context.Specialties.Add(new Specialty() { College = seededCollege, Name = "ПОИТ" }).Entity;
        var seededGroup = _context.CollegeGroups.Add(new CollegeGroup() { Number = "42491", Specialty = seededSpecialty }).Entity;
        var seededSubGroup = _context.SubGroups.Add(new SubGroup() { Name = "42491sub1", Group = seededGroup }).Entity;

        _context.Directors.Add(new Director() { User = directorUser, College = seededCollege });

        // The first student is kept because the marks below are attached to it.
        var markedStudent = _context.Students.Add(new Student() { User = studentUser, SubGroup = seededSubGroup }).Entity;
        foreach (var otherStudent in new[] { studentUser1, studentUser2, studentUser3, studentUser4, studentUser5, studentUser7 })
        {
            _context.Students.Add(new Student() { User = otherStudent, SubGroup = seededSubGroup });
        }

        var seededTeacher = _context.Teachers.Add(new Teacher() { User = teacherUser, College = seededCollege }).Entity;
        _context.Teachers.Add(new Teacher() { User = curatorUser, College = seededCollege });

        var seededSemester = _context.Semesters.Add(new Semester()
        {
            Number = 1,
            StartDate = new DateTime(2017, 9, 1),
            EndDate = new DateTime(2017, 12, 24),
            SubGroup = seededSubGroup
        }).Entity;

        var seededSubject = _context.Subjects.Add(new Subject() { Name = "КПиЯП", College = seededCollege }).Entity;

        var topicNames = new[]
        {
            "Делегаты",
            "Типы данных в C#",
            "Работа с массивами C#",
            "Основы ООП",
            "Практическая работа №1"
        };
        foreach (var topicName in topicNames)
        {
            _context.Topics.Add(new Topic() { Name = topicName, Subject = seededSubject });
        }

        // Persist first so the generated IDs can be handed to CreateTsi.
        await _context.SaveChangesAsync();

        await new TeacheSubjectInfoController(_context).CreateTsi(new TsiDto()
        {
            Semester = new SemesterDTO() { ID = seededSemester.ID },
            Subject = new SubjectDTO() { ID = seededSubject.ID },
            Teacher = new TeacherDTO() { ID = seededTeacher.ID }
        });

        // Lessons are looked up by date; presumably CreateTsi generated them - TODO confirm.
        var lesson1 = await _context.Lessons.FirstOrDefaultAsync(l => l.Date == new DateTime(2017, 9, 5));
        var lesson2 = await _context.Lessons.FirstOrDefaultAsync(l => l.Date == new DateTime(2017, 9, 6));
        var lesson3 = await _context.Lessons.FirstOrDefaultAsync(l => l.Date == new DateTime(2017, 9, 20));
        var lesson4 = await _context.Lessons.FirstOrDefaultAsync(l => l.Date == new DateTime(2017, 9, 21));
        var lesson5 = await _context.Lessons.FirstOrDefaultAsync(l => l.Date == new DateTime(2017, 10, 5));

        foreach (var lesson in new[] { lesson1, lesson2, lesson3, lesson4, lesson5 })
        {
            _context.Marks.Add(new Mark() { IsAbsent = false, IsCredited = false, Lesson = lesson, Student = markedStudent, Value = 9 });
        }
    }
    catch
    {
        return "Seeding Error";
    }

    await _context.SaveChangesAsync();
    return Ok("Seeding Success");
}
/// <summary>
/// Per-frame handler for the "Fly" feature. Does nothing unless "Fly Enable" is set.
/// With "Fly Type" set, the player's collider is disabled and the player is moved
/// directly from keyboard and axis input; otherwise the collider is enabled and
/// global gravity is adjusted from the Q/E keys or the controller's vertical velocity.
/// </summary>
public static void Update()
{
    bool flyEnabled = BlazeManager.GetForPlayer<bool>("Fly Enable");
    if (!flyEnabled)
    {
        return;
    }

    bool noClipMode = BlazeManager.GetForPlayer<bool>("Fly Type");
    if (!noClipMode)
    {
        // Gravity mode: collisions stay on and only Physics.gravity is changed.
        Player localPlayer = Player.Instance;
        localPlayer.GetComponent<Collider>().enabled = true;

        if (Input.GetKey(KeyCode.Q))
        {
            Physics.gravity = new Vector3(0, -9.5f, 0);
            iCountBalance = 10;
            return;
        }

        if (Input.GetKey(KeyCode.E))
        {
            Physics.gravity = new Vector3(0, 9.5f, 0);
            iCountBalance = 10;
            return;
        }

        if (iCountBalance < 0)
        {
            return;
        }

        // No key held: counter the current vertical speed, or switch gravity off once it is zero.
        CharacterController body = localPlayer.GetComponent<CharacterController>();
        float verticalSpeed = body.velocity[1];
        if (verticalSpeed != 0.0f)
        {
            iCountBalance = 10;
            Physics.gravity = new Vector3(0, -verticalSpeed * 2.0f);
        }
        else
        {
            iCountBalance = -1;
            Physics.gravity = Vector3.zero;
        }

        return;
    }

    // No-clip mode: collisions off, position driven directly by input.
    Player flyer = Player.Instance;
    Transform view = Camera.main.transform;
    flyer.GetComponent<Collider>().enabled = false;

    // Left Shift multiplies the speed by 2.5.
    float speedFactor = Input.GetKey(KeyCode.LeftShift) ? 2.5F : 1F;
    float frameScale = speedFactor * Time.deltaTime;

    // E raises, Q lowers; E wins when both are held.
    if (Input.GetKey(KeyCode.E))
    {
        flyer.transform.position += new Vector3(0, 1f, 0) * fNoClipSpeed * frameScale;
    }
    else if (Input.GetKey(KeyCode.Q))
    {
        flyer.transform.position -= new Vector3(0, 1f, 0) * fNoClipSpeed * frameScale;
    }

    // Read the position after the vertical step so both moves accumulate.
    Vector3 destination = Player.Instance.transform.position;

    float forwardInput = Input.GetAxis("Vertical");
    if (Math.Abs(forwardInput) > 0f)
    {
        destination += frameScale * fNoClipSpeed * view.forward * forwardInput;
    }

    float sideInput = Input.GetAxis("Horizontal");
    if (Math.Abs(sideInput) > 0f)
    {
        destination += frameScale * fNoClipSpeed * view.right * sideInput;
    }

    UserUtils.TeleportTo(destination);
}
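/// <summary>
/// UI test: a new user enters a certified AMA PRA Category 1 self-learning activity
/// with 90 passed to the activity form and the dashboard must show 50 applied credits.
/// </summary>
public void AMAPRASelfMaxCreditTest()
{
    // Upper bound for the credit polling loop below: 24 polls x 5 s = 2 minutes.
    // The figure is arbitrary; it only exists so the test fails instead of hanging.
    const int maxCreditPolls = 24;

    // Create a random user through the API.
    UserInfo NewUser1 = UserUtils.CreateUser("AMA-SL");

    // 1. Navigate to the login page.
    LoginPage LP = Navigation.GoToLoginPageMainpro(browser);

    // 2. Log in as the new user and accept the EULA.
    DashboardPage DP = LP.LoginAsUser(NewUser1.Username, "test");
    DP.EULAButton.Click();
    EnterACPDActivityPage EP = DP.ClickToAdvance(DP.EnterCPDActBtn);

    // 3. Create a certified self-learning activity of the AMA PRA Category 1 type.
    EP.FillEnterACPDActivityForm("Self-Learning", "Certified", "American Medical Association (AMA) PRA Category 1");

    // Dismiss the AMA popup when it is shown.
    if (EP.AMAPopupSubmitBtn.Displayed)
    {
        EP.AMAPopupSubmitBtn.Click();
    }

    EP.LiveInPersonRdoBtn.Click();
    EP.ClickToAdvance(EP.LiveInPersonRdoBtn);

    // 4. Continue once all options have been selected.
    EP.ContinueBtn.Click();
    Thread.Sleep(2000); // MIKE: replace with a wait for an element of the next page

    // 5. Fill out the details.
    EP.FillOutAMAActivityForm1(90); // MIKE: see comments inside method

    // Submit and go back to the dashboard to check how many credits were applied.
    Browser.ExecuteScript("arguments[0].click();", EP.PopupSubmitBtn);
    Thread.Sleep(8000); // MIKE: replace with a wait for the popup to become NOT visible
    DP.DashboardTab.Click();
    Thread.Sleep(1000); // MIKE: add wait criteria

    // Poll until the credits update. The loop used to have no exit other than a
    // non-zero total, so a run in which credits never appeared would hang forever.
    double newCreditValue = DP.GetTotalCredits();
    int polls = 0;
    do
    {
        Thread.Sleep(5000);
        browser.Navigate().Refresh();
        newCreditValue = DP.GetTotalCredits();
        polls++;
    } while (newCreditValue == 0 && polls < maxCreditPolls);

    Assert.IsTrue(newCreditValue != 0, "Total credits never updated on the dashboard");

    // Open the total-credits popup and read the applied value.
    DP.TotalCreditsLinkLnk.Click();
    Thread.Sleep(5000);
    String creditValue = DP.TotalCreditsValueLbl.Text;

    // Kept from the original: pause in case a breakpoint is needed.
    Thread.Sleep(5000);

    // Expected value first so a failure reports "expected 50 but was ...".
    Assert.AreEqual("50", creditValue);
}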
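/// <summary>
/// UI test: a new user records a "CFP Mainpro+ Articles" self-learning activity and
/// the dashboard total must then read 0.5 credits.
/// </summary>
public void EnterAnArticleTest()
{
    // Create a random user through the API.
    UserInfo NewUser1 = UserUtils.CreateUser("Article");

    // 1. Navigate to the login page and log in.
    LoginPage LP = Navigation.GoToLoginPageMainpro(browser);
    DashboardPage DP = LP.LoginAsUser(NewUser1.Username, "test");

    // 2. Accept the EULA and open "Enter a CPD Activity".
    DP.EULAButton.Click();

    // 3. Fill out the first page of the activity form.
    EnterACPDActivityPage EP = DP.ClickToAdvance(DP.EnterCPDActBtn);
    EP.FillEnterACPDActivityForm("Self-Learning", "Certified", "CFP Mainpro+ Articles");
    EP.ArticleDrpDn.Click();
    Thread.Sleep(1000);
    EP.AntibioticArticle.Click();
    Thread.Sleep(1000);
    EP.ContinueBtn.Click();
    Thread.Sleep(4000);

    // 4. Fill out the article details.
    ElemSet.ScrollToElement(browser, EP.ArticleDescriptionRdo);

    // Start and completion date are both yesterday, written as M/D/YYYY.
    DateTime dt = DateTime.Now.AddDays(-1);
    String startDate = dt.Month + "/" + dt.Day + "/" + dt.Year;
    String completionDate = startDate;

    ElemSet.ScrollToElement(browser, EP.ActivityStartDateArticleTxt);
    EP.ActivityStartDateArticleTxt.SendKeys(startDate);
    EP.ActivityStartDateArticleTxt.SendKeys(Keys.Tab);

    ElemSet.ScrollToElement(browser, EP.ActivityCompletionDateArticleTxt);
    EP.ActivityCompletionDateArticleTxt.SendKeys(completionDate);
    EP.ActivityCompletionDateArticleTxt.SendKeys(Keys.Tab);

    ElemSet.ScrollToElement(browser, EP.SubmitButton);
    EP.SubmitButton.SendKeys(Keys.Tab);

    // Click through script rather than through the element's own Click().
    Browser.ExecuteScript("arguments[0].click();", EP.SubmitButton);

    // Wait until the popup submit button appears, then confirm.
    Browser.WaitForElement(Bys.EnterACPDActivityPage.PopupSubmitBtn, ElementCriteria.IsVisible);
    Browser.ExecuteScript("arguments[0].click();", EP.PopupSubmitBtn);

    // 5. Return to the dashboard and read the total.
    String TotalCreditsString = DP.CheckForCreditUpdate();

    // 6. The total must equal the 0.5 credits added by the article.
    // Expected value first so a failure reports "expected 0.5 but was ...".
    Assert.AreEqual("0.5", TotalCreditsString);
}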
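/// <summary>
/// Checks that a recursive comment listing leaves out comments on a page the
/// requesting user may not read.
/// </summary>
public void CommentsForTreeOfPagesWithSecurity()
{
    // Actions:
    //   Create a tree of pages
    //   Add a comment to every page (two to page E)
    //   Make page E private
    //   Fetch all comments as a user who has no rights on page E
    // Expected result:
    //   All comments are returned except those on E

    Plug p = Utils.BuildPlugForAdmin();
    string baseTreePath = PageUtils.BuildPageTree(p);

    string commentForA = Utils.GetSmallRandomText();
    DreamMessage postMsg = DreamMessage.Ok(MimeType.TEXT_UTF8, commentForA);
    DreamMessage msg = p.At("pages", "=" + XUri.DoubleEncode(baseTreePath + "/A"), "comments").Post(postMsg);
    string commentForAId = msg.ToDocument()["@id"].AsText;

    string commentForB = Utils.GetSmallRandomText();
    postMsg = DreamMessage.Ok(MimeType.TEXT_UTF8, commentForB);
    msg = p.At("pages", "=" + XUri.DoubleEncode(baseTreePath + "/A/B"), "comments").Post(postMsg);
    string commentForBId = msg.ToDocument()["@id"].AsText;

    string commentForC = Utils.GetSmallRandomText();
    postMsg = DreamMessage.Ok(MimeType.TEXT_UTF8, commentForC);
    msg = p.At("pages", "=" + XUri.DoubleEncode(baseTreePath + "/A/B/C"), "comments").Post(postMsg);
    string commentForCId = msg.ToDocument()["@id"].AsText;

    string commentForD = Utils.GetSmallRandomText();
    postMsg = DreamMessage.Ok(MimeType.TEXT_UTF8, commentForD);
    msg = p.At("pages", "=" + XUri.DoubleEncode(baseTreePath + "/A/B/D"), "comments").Post(postMsg);
    string commentForDId = msg.ToDocument()["@id"].AsText;

    string commentForE1 = Utils.GetSmallRandomText();
    postMsg = DreamMessage.Ok(MimeType.TEXT_UTF8, commentForE1);
    msg = p.At("pages", "=" + XUri.DoubleEncode(baseTreePath + "/A/E"), "comments").Post(postMsg);
    string commentForE1Id = msg.ToDocument()["@id"].AsText;

    string commentForE2 = Utils.GetSmallRandomText();
    postMsg = DreamMessage.Ok(MimeType.TEXT_UTF8, commentForE2);
    msg = p.At("pages", "=" + XUri.DoubleEncode(baseTreePath + "/A/E"), "comments").Post(postMsg);
    string commentForE2Id = msg.ToDocument()["@id"].AsText;

    // Restrict only /A/E (cascade=none).
    XDoc securityDoc = new XDoc("security")
        .Start("permissions.page")
            .Elem("restriction", "Private")
        .End();
    msg = p.At("pages", "=" + XUri.DoubleEncode(baseTreePath + "/A/E"), "security").
        WithQuery("cascade=none").Put(securityDoc);

    // If the restriction was not applied, everything after this point would be
    // testing an unprotected page; fail here with a clear cause instead.
    Assert.AreEqual(DreamStatus.Ok, msg.Status, "Failed to make page E private");

    string userid = null;
    string username = null;
    msg = UserUtils.CreateRandomContributor(p, out userid, out username);

    // Read the whole tree as the new user, who has no grant on E.
    p = Utils.BuildPlugForUser(username);
    msg = p.At("pages", "=" + XUri.DoubleEncode(baseTreePath), "comments").With("depth", "infinity").Get();

    // AreEqual reports the actual count on failure, which IsTrue(x == 4) did not.
    Assert.AreEqual(4, msg.ToDocument()["@count"].AsInt);
    Assert.AreEqual(commentForA, msg.ToDocument()[string.Format("comment[@id='{0}']/content", commentForAId)].AsText);
    Assert.AreEqual(commentForB, msg.ToDocument()[string.Format("comment[@id='{0}']/content", commentForBId)].AsText);
    Assert.AreEqual(commentForC, msg.ToDocument()[string.Format("comment[@id='{0}']/content", commentForCId)].AsText);
    Assert.AreEqual(commentForD, msg.ToDocument()[string.Format("comment[@id='{0}']/content", commentForDId)].AsText);

    // Neither comment on the private page may be present.
    Assert.IsTrue(msg.ToDocument()[string.Format("comment[@id='{0}']", commentForE1Id)].IsEmpty);
    Assert.IsTrue(msg.ToDocument()[string.Format("comment[@id='{0}']", commentForE2Id)].IsEmpty);
}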
/// <summary>
/// Posts two comments as admin and one as a new contributor on the same page, then
/// checks that the <c>postedbyuserid</c> filter returns only the comments of the
/// requested author. The page is deleted at the end.
/// </summary>
public void GetCommentsWithFilter()
{
    Plug plug = Utils.BuildPlugForAdmin();

    string pageId = null;
    string pagePath = null;
    DreamMessage response = PageUtils.CreateRandomPage(plug, out pageId, out pagePath);

    // First admin comment.
    string text = Utils.GetSmallRandomText();
    DreamMessage body = DreamMessage.Ok(MimeType.TEXT_UTF8, text);
    response = plug.At("pages", pageId, "comments").Post(body);
    Assert.AreEqual(DreamStatus.Ok, response.Status);
    string adminCommentId1 = response.ToDocument()["@id"].AsText;
    Assert.IsFalse(string.IsNullOrEmpty(adminCommentId1));
    Assert.AreEqual(text, response.ToDocument()["content"].AsText);

    // Second admin comment.
    text = Utils.GetSmallRandomText();
    body = DreamMessage.Ok(MimeType.TEXT_UTF8, text);
    response = plug.At("pages", pageId, "comments").Post(body);
    Assert.AreEqual(DreamStatus.Ok, response.Status);
    string adminCommentId2 = response.ToDocument()["@id"].AsText;
    Assert.IsFalse(string.IsNullOrEmpty(adminCommentId2));
    Assert.AreEqual(text, response.ToDocument()["content"].AsText);

    // Third comment, posted by a freshly created contributor.
    string contributorName = null;
    string contributorId = null;
    response = UserUtils.CreateRandomContributor(plug, out contributorId, out contributorName);
    plug = Utils.BuildPlugForUser(contributorName);

    text = Utils.GetSmallRandomText();
    body = DreamMessage.Ok(MimeType.TEXT_UTF8, text);
    response = plug.At("pages", pageId, "comments").Post(body);
    Assert.AreEqual(DreamStatus.Ok, response.Status);
    string contributorCommentId = response.ToDocument()["@id"].AsText;
    Assert.IsFalse(string.IsNullOrEmpty(contributorCommentId));
    Assert.AreEqual(text, response.ToDocument()["content"].AsText);

    // Filtered by the contributor: exactly the contributor's comment.
    response = plug.At("pages", "=" + XUri.DoubleEncode(pagePath), "comments")
        .With("postedbyuserid", contributorId)
        .Get();
    Assert.AreEqual(DreamStatus.Ok, response.Status);
    Assert.AreEqual(1, response.ToDocument()["@count"].AsInt);
    Assert.IsFalse(response.ToDocument()[string.Format("comment[@id=\"{0}\"]", contributorCommentId)].IsEmpty);
    Assert.IsTrue(response.ToDocument()[string.Format("comment[@id=\"{0}\"]", adminCommentId1)].IsEmpty);
    Assert.IsTrue(response.ToDocument()[string.Format("comment[@id=\"{0}\"]", adminCommentId2)].IsEmpty);

    // Filtered by the admin: exactly the two admin comments.
    plug = Utils.BuildPlugForAdmin();
    response = plug.At("pages", "=" + XUri.DoubleEncode(pagePath), "comments")
        .With("postedbyuserid", UserUtils.GetCurrentUserID(plug))
        .Get();
    Assert.AreEqual(DreamStatus.Ok, response.Status);
    Assert.AreEqual(2, response.ToDocument()["@count"].AsInt);
    Assert.IsFalse(response.ToDocument()[string.Format("comment[@id=\"{0}\"]", adminCommentId1)].IsEmpty);
    Assert.IsFalse(response.ToDocument()[string.Format("comment[@id=\"{0}\"]", adminCommentId2)].IsEmpty);
    Assert.IsTrue(response.ToDocument()[string.Format("comment[@id=\"{0}\"]", contributorCommentId)].IsEmpty);

    PageUtils.DeletePageByID(plug, pageId, true);
}
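/// <summary>
/// Writes one audit record for <paramref name="obj"/> through the
/// <c>[dbo].[SaveAudit]</c> stored procedure and returns the object unchanged.
/// </summary>
/// <typeparam name="T">Entity type; its table name comes from <c>DbTableNameAttribute</c> or, failing that, from the type name.</typeparam>
/// <param name="obj">Entity being audited. Nothing is written unless it implements <c>IAuditableEntity</c>.</param>
/// <param name="state">
/// Change being recorded. When left at Default and <paramref name="obj"/> is a
/// <c>BaseModel</c>, an empty Id means Added and any other Id means Updated.
/// </param>
/// <param name="email">Actor recorded on the audit row; when null or empty the current user's e-mail is used.</param>
/// <param name="databaseName">Database passed to <c>Run</c>.</param>
/// <returns><paramref name="obj"/>.</returns>
/// <remarks>
/// NOTE(review): the actor written to the audit trail is whatever the caller passes in
/// <paramref name="email"/>, and <c>DisableAudit</c> switches recording off entirely.
/// Confirm that neither can be influenced by the user whose action is being audited.
/// </remarks>
public async Task<T> DoAuditAsync<T>(T obj, EntityState state = EntityState.Default, string email = "", DatabaseName databaseName = DatabaseName.Default) where T : class, new()
{
    if (DisableAudit)
    {
        return obj;
    }

    if (email.IsNullOrEmpty())
    {
        email = UserUtils.GetCurrentEmail();
    }

    // Cast once instead of repeating "obj as BaseModel" for every use.
    var baseModel = obj as BaseModel;
    if (state == EntityState.Default && baseModel != null)
    {
        state = (baseModel.Id == Guid.Empty) ? EntityState.Added : EntityState.Updated;
    }

    var utcNow = DateTime.UtcNow;

    // Table name: the declared attribute wins; otherwise an attribute is built from the
    // type name (the base type's name for abstract types) and its TableName is used.
    var tableAttribute = typeof(T)
        .GetCustomAttributes(typeof(DbTableNameAttribute), false)
        .SingleOrDefault() as DbTableNameAttribute;
    if (tableAttribute == null)
    {
        var entityBaseType = (!typeof(T).IsAbstract) ? typeof(T) : typeof(T).BaseType;
        tableAttribute = new DbTableNameAttribute(entityBaseType?.Name ?? typeof(T).Name);
    }
    string dbTableName = tableAttribute.TableName;

    await Task.Run(() => Run(databaseName, cmd =>
    {
        var eventValue = obj as IAuditableEntity;
        if (eventValue == null)
        {
            // Not auditable: the command is left without text or parameters.
            return;
        }

        var audit = new AuditModel
        {
            TablePkId = eventValue.DbTablePkId(),
            ObjectId = eventValue.DbObjectId(),
            Email = email,
            DateCreated = utcNow,
            DateModified = utcNow,
            IsPublic = true,
            IsActive = true,
            IsDeleted = false,
            TableName = dbTableName
        };

        // Any other state (including Default for a non-BaseModel object) leaves
        // EventType and EventValue at their AuditModel defaults.
        switch (state)
        {
            case EntityState.Added:
                audit.EventType = "A";
                audit.EventValue = eventValue.AddEvent();
                break;

            case EntityState.Deleted:
                audit.EventType = "D";
                audit.EventValue = eventValue.DeleteEvent();
                break;

            case EntityState.Updated:
                audit.EventType = "U";
                audit.EventValue = eventValue.UpdateEvent();
                break;
        }

        audit.Code = eventValue.DbCode();
        audit.Severity = eventValue.DbSeverity();

        // All values travel as parameters; nothing is concatenated into the command text.
        cmd.CommandText = "[dbo].[SaveAudit]";
        cmd.AddParameter("@id", audit.Id);
        cmd.AddParameter("@isActive", audit.IsActive);
        cmd.AddParameter("@isPublic", audit.IsPublic);
        cmd.AddParameter("@isDeleted", audit.IsDeleted);
        cmd.AddParameter("@dateCreated", audit.DateCreated);
        cmd.AddParameter("@dateModified", audit.DateModified);
        // CreatedBy/UpdatedBy are not assigned in this method, hence the fallback.
        cmd.AddParameter("@createdBy", audit.CreatedBy ?? "System");
        cmd.AddParameter("@updatedBy", audit.UpdatedBy ?? "System");
        cmd.AddParameter("@email", audit.Email);
        cmd.AddParameter("@tableName", audit.TableName);
        cmd.AddParameter("@eventType", audit.EventType);
        cmd.AddParameter("@eventValue", audit.EventValue);
        cmd.AddParameter("@tablePkId", audit.TablePkId);
        cmd.AddParameter("@objectId", audit.ObjectId);
        cmd.AddParameter("@severity", audit.Severity);
        cmd.AddParameter("@code", audit.Code);

        using (var reader = cmd.ExecuteReader())
        {
            // Drain the result set. The audit used to be serialised to JSON once per
            // row for a log call that is commented out; that unused work is removed.
            while (reader.Read())
            {
            }
        }
    }));

    return obj;
}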
/// <summary>
/// Invoked when a user asks to change their own permissions; the request is handed
/// to <c>UserUtils.UpdateUserPermission</c> together with the current Context and Clients.
/// </summary>
/// <param name="permission">
/// Requested permission: a 2-bit string such as '3' -> 0b11.
/// The first bit allows editing, the second bit allows deletion.
/// </param>
/// <returns>A task that completes once <c>UserUtils.UpdateUserPermission</c> has finished.</returns>
/// <remarks>
/// NOTE(review): the value comes from the caller and is forwarded unchanged. Any check
/// that the caller is allowed to give itself these bits, and that the string is a valid
/// 2-bit value, has to live in <c>UserUtils.UpdateUserPermission</c>, which is not
/// visible here - confirm.
/// </remarks>
public async Task UpdateUserPermission(string permission) =>
    await UserUtils.UpdateUserPermission(Context, Clients, permission);
/// <summary>
/// Renders the "BroadcastAdmin" view with the "_Layout" master and exposes whether the
/// current user is an administrator through <c>ViewBag.IsAdmin</c>.
/// </summary>
/// <returns>The BroadcastAdmin view result.</returns>
/// <remarks>
/// NOTE(review): the admin flag is only passed to the view; this action returns the
/// same view for non-admin callers. If access is meant to be restricted, confirm it is
/// enforced by a filter or attribute outside this method rather than by the markup.
/// </remarks>
public ActionResult BroadcastAdmin()
{
    var currentUser = UserUtils.GetUser();
    bool isAdministrator = currentUser.IsAdmin;

    ViewBag.IsAdmin = isAdministrator;

    return View("BroadcastAdmin", "_Layout");
}
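/// <summary>
/// Saves an edited content module. When the addressed module has a parent, the parent
/// is the record that is updated. The previous state is stored as a draft first.
/// </summary>
/// <param name="entity">Posted module values; must carry a non-empty ModuleName.</param>
/// <returns>
/// JSON with <c>success</c> and <c>message</c>; on success also <c>date</c>, the current
/// local time as text.
/// </returns>
/// <remarks>
/// NOTE(review): only ModuleName goes through <c>ContentUtils.ScrubInput</c>.
/// HTMLContent, HTMLUnparsed, JSContent and CSSContent are stored exactly as posted,
/// so whoever can reach this action can publish arbitrary markup and script. Confirm
/// the action is limited to trusted editors and protected against cross-site request
/// forgery; neither is visible in this method.
/// </remarks>
public JsonResult ModifyModule(ContentModule entity)
{
    var result = new JsonResult()
    {
        Data = new
        {
            success = false,
            // Fixed typo: the message used to read "There as an error ...".
            message = "There was an error processing your request"
        }
    };

    // A request that binds to no model at all used to fail with a NullReferenceException.
    if (entity == null || String.IsNullOrEmpty(entity.ModuleName))
    {
        return result;
    }

    var editedContent = Context.ContentModules.FirstOrDefault(x => x.ContentModuleId == entity.ContentModuleId);
    if (editedContent == null)
    {
        return result;
    }

    // Edits to a child record are applied to its parent.
    if (editedContent.ParentContentModuleId.HasValue)
    {
        editedContent = Context.ContentModules.FirstOrDefault(x => x.ContentModuleId == editedContent.ParentContentModuleId.Value);
        if (editedContent == null)
        {
            return result;
        }
    }

    // Keep the state from before this edit, stamped with its original date.
    SaveDraft(editedContent, editedContent.CreateDate);

    editedContent.DraftAuthorName = UserUtils.CurrentMembershipUsername();
    editedContent.CreateDate = DateTime.UtcNow;
    editedContent.ModuleName = ContentUtils.ScrubInput(entity.ModuleName);
    editedContent.HTMLContent = entity.HTMLContent;
    editedContent.HTMLUnparsed = entity.HTMLUnparsed;
    editedContent.JSContent = entity.JSContent;
    editedContent.CSSContent = entity.CSSContent;
    editedContent.SchemaId = entity.SchemaId;
    editedContent.SchemaEntryValues = entity.SchemaEntryValues;
    editedContent.IsActive = true;

    var success = Context.SaveChanges();
    if (success > 0)
    {
        // Called with 'true' after a successful save; presumably forces the module cache to reload - TODO confirm.
        CachedObjects.GetCacheContentModules(true);
        BookmarkUtil.UpdateTitle("/admin/modules/" + editedContent.ContentModuleId + "/", editedContent.ModuleName);

        result.Data = new
        {
            success = true,
            message = "Content saved successfully.",
            date = SystemTime.CurrentLocalTime.ToString("dd/MM/yyy @ h:mm tt")
        };
    }

    return result;
}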
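/// <summary>
/// Verifies who may hide, unhide and read file revisions: an admin and a Contributor can hide,
/// only the admin can unhide, and hidden contents are readable by the admin only.
/// </summary>
/// <remarks>
/// NOTE(review): the test keeps issuing requests through <c>p</c> after calling
/// <c>Utils.BuildPlugForUser</c> / <c>Utils.BuildPlugForAdmin</c> and discarding the result, and
/// expects different status codes each time. This only makes sense if those helpers switch some
/// shared authentication state - presumably a shared cookie store; confirm. Statement order is
/// therefore significant and must not be rearranged.
/// </remarks>
public void RevisionHideAndUnhide()
{
    Plug p = Utils.BuildPlugForAdmin();
    string id = null;
    string path = null;
    string fileid = null;
    DreamMessage msg = PageUtils.SavePage(p, string.Empty, PageUtils.GenerateUniquePageName(), "filerevhidetest", out id, out path);

    // Upload the same file three times so that revisions 1..3 exist.
    string filepath = FileUtils.CreateRamdomFile(Encoding.UTF8.GetBytes("My contents."));
    FileUtils.UploadFile(p, id, "test file rev 1", out fileid, filepath);
    FileUtils.UploadFile(p, id, "test file rev 2", out fileid, filepath);
    FileUtils.UploadFile(p, id, "test file rev 3", out fileid, filepath);

    string userid;
    string username;
    UserUtils.CreateRandomUser(p, "Contributor", out userid, out username);

    // Baseline: the regular (Contributor) user can read revision 2 before anything is hidden.
    msg = Utils.BuildPlugForUser(username).At("files", fileid, "contents").With("revision", 2).GetAsync().Wait();
    Assert.AreEqual(DreamStatus.Ok, msg.Status, "reg user can't see contents even before hiding!");

    // Back to admin (return value unused; see remarks).
    Utils.BuildPlugForAdmin();

    // Admin hides revision 2 with a comment.
    string comment = "just cuz..";
    XDoc hideRequestXml = new XDoc("revisions").Start("file").Attr("id", fileid).Attr("hidden", true).Attr("revision", 2).End();
    msg = p.At("files", fileid, "revisions").With("comment", comment).PostAsync(hideRequestXml).Wait();
    Assert.AreEqual(DreamStatus.Ok, msg.Status, "Non 200 status hiding revisions");

    // Revision 1 must still be visible.
    // The query previously selected "/page[...]", which matches nothing in a file info document,
    // so the assertion passed regardless of the hidden flag. Every other check here reads "/file[...]".
    msg = p.At("files", fileid, "info").With("revision", 1).GetAsync().Wait();
    Assert.AreEqual(DreamStatus.Ok, msg.Status, "files/{id}/info?revision=x returned non 200 status");
    Assert.IsFalse(msg.ToDocument()["/file[@revision = \"1\"]/@hidden"].AsBool ?? false, "Rev 1 is hidden!");

    // Revision 2 must be flagged hidden and carry the comment, the hide date and the hiding user.
    msg = p.At("files", fileid, "info").With("revision", 2).GetAsync().Wait();
    Assert.AreEqual(DreamStatus.Ok, msg.Status, "files/{id}/info?revision=x returned non 200 status");
    Assert.IsTrue(msg.ToDocument()["/file[@revision = \"2\"]/@hidden"].AsBool ?? false, "Rev 2 is not hidden!");
    Assert.AreEqual(comment, msg.ToDocument()["/file[@revision = \"2\"]/description.hidden"].AsText, "hide comment missing or invalid");
    Assert.IsTrue(!string.IsNullOrEmpty(msg.ToDocument()["/file[@revision = \"2\"]/date.hidden"].AsText), "date.hidden missing");
    Assert.IsNotNull(msg.ToDocument()["/file[@revision = \"2\"]/user.hiddenby/@id"].AsUInt, "user.hiddenby id missing");

    // Revision 3 must still be visible.
    msg = p.At("files", fileid, "info").With("revision", 3).GetAsync().Wait();
    Assert.AreEqual(DreamStatus.Ok, msg.Status, "files/{id}/info?revision=x returned non 200 status");
    Assert.IsFalse(msg.ToDocument()["/file[@revision = \"3\"]/@hidden"].AsBool ?? false, "Rev 3 is hidden!");

    // The admin keeps read access to the hidden revision.
    msg = p.At("files", fileid).With("revision", 2).GetAsync().Wait();
    Assert.AreEqual(DreamStatus.Ok, msg.Status, "admin can't see hidden contents!");

    // The regular user is refused the hidden revision (401 or 403 are both accepted).
    msg = Utils.BuildPlugForUser(username).At("files", fileid).With("revision", 2).GetAsync().Wait();
    Assert.IsTrue(msg.Status == DreamStatus.Unauthorized || msg.Status == DreamStatus.Forbidden, "reg user can still see contents!");

    // From here on the requests are expected to run as the regular user (see remarks).
    // Unhiding revision 2 as a non-admin must be refused.
    hideRequestXml = new XDoc("revisions").Start("file").Attr("id", fileid).Attr("hidden", false).Attr("revision", 2).End();
    msg = p.At("files", fileid, "revisions").With("comment", comment).PostAsync(hideRequestXml).Wait();
    Assert.AreEqual(DreamStatus.Forbidden, msg.Status, "non admin able to unhide rev");

    // Hiding revision 1 as a non-admin is allowed: the assertion message indicates that holding
    // DELETE is sufficient to hide.
    hideRequestXml = new XDoc("revisions").Start("file").Attr("id", fileid).Attr("hidden", true).Attr("revision", 1).End();
    msg = p.At("files", fileid, "revisions").With("comment", comment).PostAsync(hideRequestXml).Wait();
    Assert.AreEqual(DreamStatus.Ok, msg.Status, "DELETE holder unable to hide rev");

    // The same user cannot undo their own hide.
    hideRequestXml = new XDoc("revisions").Start("file").Attr("id", fileid).Attr("hidden", false).Attr("revision", 1).End();
    msg = p.At("files", fileid, "revisions").With("comment", comment).PostAsync(hideRequestXml).Wait();
    Assert.AreEqual(DreamStatus.Forbidden, msg.Status, "normal user able to unhide!");

    // Back to admin (return value unused; see remarks).
    Utils.BuildPlugForAdmin();

    // The admin can unhide revision 1.
    hideRequestXml = new XDoc("revisions").Start("file").Attr("id", fileid).Attr("hidden", false).Attr("revision", 1).End();
    msg = p.At("files", fileid, "revisions").With("comment", comment).PostAsync(hideRequestXml).Wait();
    Assert.AreEqual(DreamStatus.Ok, msg.Status, "admin unable to make rev visible");

    // Revision 1 is reported visible again.
    msg = p.At("files", fileid, "info").With("revision", 1).GetAsync().Wait();
    Assert.AreEqual(DreamStatus.Ok, msg.Status, "files/{id}/info?revision=x returned non 200 status");
    Assert.IsFalse(msg.ToDocument()["/file[@revision = \"1\"]/@hidden"].AsBool ?? false, "Rev 1 is still hidden!");
}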
/// <summary>
/// Checks that a template authored by the admin keeps its script content when it is invoked,
/// first by the admin and then by a user who lacks the UNSAFECONTENT permission.
/// </summary>
/// <remarks>
/// Expected in both parts: the rendered page body equals the full stored template, script included.
/// The behaviour under test is that the template author's rights, not the invoking user's, decide
/// whether the unsafe content is kept.
/// </remarks>
public void InvokeADMINTemplateWithUnsafeContent()
{
    // Part 1 runs as ADMIN.
    Plug p = Utils.BuildPlugForAdmin();

    // Template body: one harmless paragraph followed by one paragraph holding a script element.
    string harmlessPart = "<p>This is a template</p>";
    string scriptPart = "<p><script type=\"text/javascript\">document.write(\"With unsafe content\");</script></p>";
    string expectedBody = harmlessPart + scriptPart;
    string template_name = "test" + DateTime.Now.Ticks.ToString();
    string template_path = "Template:" + template_name;

    DreamMessage msg = p.At("pages", "=" + XUri.DoubleEncode(template_path), "contents")
        .Post(DreamMessage.Ok(MimeType.TEXT_UTF8, expectedBody), new Result<DreamMessage>())
        .Wait();
    Assert.AreEqual(DreamStatus.Ok, msg.Status, "Template page creation failed!");

    // The server wraps script contents in CDATA sections, so the comparison baseline is the
    // template as the server returns it rather than the text that was posted.
    msg = p.At("pages", "=" + XUri.DoubleEncode(template_path), "contents").Get(new Result<DreamMessage>()).Wait();
    expectedBody = msg.ToDocument()["body"].AsText ?? String.Empty;

    // The three dekiscript spellings that invoke a template.
    string[] invocations = new string[]
    {
        "<pre class=\"script\">Template('" + template_name + "');</pre>",
        "<pre class=\"script\">Template." + template_name + "();</pre>",
        "<pre class=\"script\">wiki.Template('" + template_name + "');</pre>"
    };

    // Page whose contents will be replaced by each invocation in turn.
    string page_id;
    string page_path;
    PageUtils.CreateRandomPage(p, out page_id, out page_path);

    foreach (string invocation in invocations)
    {
        msg = p.At("pages", "=" + XUri.DoubleEncode(page_path), "contents")
            .With("edittime", String.Format("{0:yyyyMMddHHmmss}", DateTime.Now))
            .Post(DreamMessage.Ok(MimeType.TEXT_UTF8, invocation), new Result<DreamMessage>())
            .Wait();

        // The rendered page must contain the whole template, script included.
        msg = p.At("pages", "=" + XUri.DoubleEncode(page_path), "contents").Get(new Result<DreamMessage>()).Wait();
        Assert.AreEqual(expectedBody, msg.ToDocument()["body"].AsText ?? String.Empty, "Unexpected contents");
    }

    // Part 2 runs as a freshly created contributor.
    string userid;
    string username;
    msg = UserUtils.CreateRandomContributor(p, out userid, out username);
    p = Utils.BuildPlugForUser(username, "password");

    // Precondition: the new user must not hold UNSAFECONTENT. The fallback value makes the
    // assertion fail when the operations list is missing from the response.
    string effectiveOperations = msg.ToDocument()["permissions.effective/operations"].AsText ?? "UNSAFECONTENT";
    Assert.IsFalse(effectiveOperations.Contains("UNSAFECONTENT"), "Created user has UNSAFECONTENT permissions");

    foreach (string invocation in invocations)
    {
        msg = p.At("pages", "=" + XUri.DoubleEncode(page_path), "contents")
            .With("edittime", String.Format("{0:yyyyMMddHHmmss}", DateTime.Now))
            .Post(DreamMessage.Ok(MimeType.TEXT_UTF8, invocation), new Result<DreamMessage>())
            .Wait();

        // Same expectation as part 1: nothing is stripped from the admin-authored template.
        msg = p.At("pages", "=" + XUri.DoubleEncode(page_path), "contents").Get(new Result<DreamMessage>()).Wait();
        Assert.AreEqual(expectedBody, msg.ToDocument()["body"].AsText ?? String.Empty, "Unexpected contents");
    }

    // Clean up.
    // NOTE(review): p is the contributor's plug at this point and the result is not checked;
    // confirm the template page is actually removed.
    PageUtils.DeletePageByName(p, template_path, true);
}
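/// <summary>
/// Sends the requesting user a summary of their registered nodes and accounts, including
/// balances fetched through <c>AccountClient</c>.
/// </summary>
/// <param name="message">Incoming message; <c>From.Id</c> identifies the user and <c>Chat.Id</c> the reply target.</param>
/// <remarks>
/// The details are only sent when the stored user's <c>ChatId</c> equals <c>message.Chat.Id</c>;
/// any other case, including an unknown user, gets "You are not registered". This also appears
/// to keep account details out of chats other than the one the user registered from - confirm.
/// NOTE(review): the method is <c>async void</c>, so callers cannot observe completion or
/// failure. The outer catch writes only the exception message to the console; consider
/// structured logging.
/// </remarks>
internal async void ReturnMyDetails(Message message)
{
    try
    {
        var bot = new TelegramBot(accessToken: ConfigurationManager.AppSettings[name: "accessKey"]);

        // GetUser can return null for an unknown user (ManageNodes already treats it that way).
        // The null-conditional access routes that case to the "not registered" reply instead of a
        // NullReferenceException that the outer catch would swallow silently.
        var u = UserUtils.GetUser(chatId: message.From.Id);
        if (u?.ChatId != message.Chat.Id)
        {
            var notRegistered = new SendMessage(chatId: message.Chat.Id, text: "You are not registered");
            await bot.MakeRequestAsync(request: notRegistered);
            return;
        }

        var nodes = NodeUtils.GetNodeByUser(chatId: message.From.Id);
        var accounts = AccountUtils.GetAccountByUser(chatId: message.From.Id);

        List<string> accountString;
        List<string> ips = new List<string>();

        try
        {
            var client = new AccountClient(Con);

            if (nodes.Count > 0)
            {
                // One text block per node. The Begin/End pair is called back to back, so the
                // balance lookup blocks this method while the request is in flight.
                // NOTE(review): the explorer link below is plain http.
                ips = nodes.Select(n =>
                    "Alias: " + n.Alias +
                    "\nIP: " + n.IP +
                    "\nDeposit address: \n" +
                    (accounts.All(e => e.EncodedAddress != n.DepositAddress) ? "[ACCOUNT UNREGISTERED] " : "") +
                    StringUtils.GetResultsWithHyphen(n.DepositAddress) +
                    "\nBalance: " + client.EndGetAccountInfo(client.BeginGetAccountInfoFromAddress(n.DepositAddress)).Account.Balance / 1000000 +
                    "\nTransactions check: " + AccountUtils.GetAccount(add: n.DepositAddress, user: message.Chat.Id).CheckTxs +
                    "\nHarvesting check: " + AccountUtils.GetAccount(add: n.DepositAddress, user: message.Chat.Id).CheckBlocks +
                    "\nhttps://supernodes.nem.io/details/" + n.SNodeID +
                    "\nhttp://explorer.ournem.com/#/s_account?account=" + n.DepositAddress +
                    "\n\n").ToList();
            }

            var req = new SendMessage(chatId: message.Chat.Id, text: "**Your registered nodes with associated accounts**");
            await bot.MakeRequestAsync(request: req);

            foreach (var s in ips)
            {
                req = new SendMessage(chatId: message.Chat.Id, text: s);
                await bot.MakeRequestAsync(request: req);
            }

            var a = accounts.Select(acc => acc.EncodedAddress).ToList();

            // The accounts header is only sent when there is at least one account.
            req = new SendMessage(chatId: message.Chat.Id, text: "**Your registered accounts**");
            if (a.Count > 0)
            {
                await bot.MakeRequestAsync(request: req);
            }

            accountString = a.Select(n =>
                "\nAccount address: \n" + StringUtils.GetResultsWithHyphen(n) +
                "\nBalance: " + client.EndGetAccountInfo(client.BeginGetAccountInfoFromAddress(n)).Account.Balance / 1000000 +
                "\nTransactions check: " + AccountUtils.GetAccount(add: n, user: message.Chat.Id).CheckTxs +
                "\nHarvesting check: " + AccountUtils.GetAccount(add: n, user: message.Chat.Id).CheckBlocks +
                "\nhttp://explorer.ournem.com/#/s_account?account=" + n +
                "\n\n").ToList();
        }
        catch (Exception e)
        {
            // Any failure while building or sending the details is replaced by one generic reply;
            // the exception itself goes to the console only.
            Console.WriteLine(value: e);
            accountString = new List<string> { "Sorry something went wrong, please try again. Possibly your node could be offline." };
        }

        foreach (var s in accountString)
        {
            var reqAction = new SendMessage(chatId: message.Chat.Id, text: s);
            await bot.MakeRequestAsync(request: reqAction);
        }
    }
    catch (Exception ex)
    {
        Console.WriteLine(ex.Message);
    }
}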
/// <summary>
/// Handles the "/registerNode:" and "/unregisterNode:" commands: extracts candidate node
/// addresses from the message text, compares them with the supernode list and then adds or
/// removes the matching nodes and their deposit accounts for this chat.
/// </summary>
/// <param name="chat">Chat the command came from; its <c>Id</c> keys every lookup and reply.</param>
/// <param name="text">Full message text, expected to start with one of the two commands.</param>
/// <remarks>
/// NOTE(review): <c>MakeRequestAsync</c> is called without awaiting or observing its result
/// throughout, so send failures go unnoticed and message order is not guaranteed.
/// NOTE(review): <c>text</c> is user input and is not checked for null before the regex calls.
/// </remarks>
internal void ManageNodes(Chat chat, string text)
{
    var Bot = new TelegramBot(accessToken: ConfigurationManager.AppSettings[name: "accessKey"]);

    // if the user is not known, add the user to the database
    if (UserUtils.GetUser(chatId: chat.Id)?.ChatId == null)
    {
        // add user based on their chat ID
        UserUtils.AddUser(userName: chat.Username, chatId: chat.Id);

        // declare message
        var msg1 = "You have been automatically registered, one moment please";

        // build the message notifying they have been registered
        var reqAction1 = new SendMessage(chatId: chat.Id, text: msg1);

        // send message (not awaited)
        Bot.MakeRequestAsync(request: reqAction1);
    }

    // set up regex pattern matching sequences: a dotted quad, then three and two dot-separated
    // alphanumeric labels.
    // NOTE(review): the patterns overlap, so one submitted address can also yield fragments of
    // itself in `result`. The fragments are compared by equality below and passed unchanged to
    // DeleteNode in the unregister branch - confirm that is harmless.
    var ip = new Regex(pattern: @"\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b");
    var ip2 = new Regex(pattern: @"[a-zA-Z0-9]{1,20}\.[a-zA-Z0-9]{1,20}\.[a-zA-Z0-9]{1,20}");
    var ip3 = new Regex(pattern: @"[a-zA-Z0-9]{1,20}\.[a-zA-Z0-9]{1,20}");

    // scan the submitted text for any matching sequences
    var result = ip.Matches(input: text).Cast<Match>().Select(selector: m => m.Value)
        .Concat(second: ip2.Matches(input: text).Cast<Match>().Select(selector: m => m.Value))
        .Concat(second: ip3.Matches(input: text).Cast<Match>().Select(selector: m => m.Value)).ToArray();

    // declare a nodeClient to retrieve node data.
    var snodeClient = new SupernodeClient();

    // get a list of all supernodes; the rest of the work happens in the callback
    snodeClient.BeginGetSupernodes(ar =>
    {
        try
        {
            // check submitted list against the list of all supernodes
            var validNodes = new SupernodeResponseData.Supernodes() { data = new List<SupernodeResponseData.Nodes>() };
            foreach (string userIp in result)
            {
                foreach (var node in ar.Content.data)
                {
                    if (userIp != node.ip)
                    {
                        continue;
                    }

                    // a listed node without a payout address is reported to the user and skipped
                    if (node.payoutAddress == null)
                    {
                        var bot = new TelegramBot(accessToken: ConfigurationManager.AppSettings[name: "accessKey"]);
                        var req = new SendMessage(chatId: chat.Id, text: "One of the nodes you have submitted is invalid, or has not been accepted into the supernode program yet, or it has not recieved its first payment. The invalid node was node registered. Please check your nodes and try again");
                        bot.MakeRequestAsync(request: req);
                        continue;
                    }

                    validNodes.data.Add(item: node);
                }
            }

            // if the user wants to register a node
            if (text.StartsWith(value: "/registerNode:") && text != "/registerNode:")
            {
                // automatically add the deposit account of each registered node as a monitored account
                // nodes must be cross referenced with total supernode list to acquire the deposit address
                // as the supernode API doesn't contain this information
                string msg1;
                try
                {
                    AccountUtils.AddAccount(
                        chatId: chat.Id,
                        accounts: ar.Content.data.Where(predicate: x => validNodes.data.Any(predicate: y => y.ip == x.ip)).ToList()
                            .Select(selector: node => node.payoutAddress).ToList());

                    var nodesAdded = NodeUtils.AddNode(chatId: chat.Id, nodes: validNodes);

                    // return a message showing which nodes were registered
                    // NOTE(review): the condition tests the size of the full supernode list, not of
                    // nodesAdded, so the "No nodes were added" text looks unreachable whenever the
                    // list is non-empty - confirm which count was intended.
                    msg1 = ar.Content.data.Count > 0
                        ? nodesAdded.data.Aggregate(seed: "Nodes registered: \n \n", func: (current, n) => current + n.ip + "\n")
                        : "No nodes were added. It/they may be offline or have an invalid IP. Check your node ip's and try again";
                }
                catch (Exception e)
                {
                    Console.WriteLine(value: e);
                    msg1 = "Something went wrong, please try again.";
                }

                // send message
                var reqAction1 = new SendMessage(chatId: chat.Id, text: msg1);
                Bot.MakeRequestAsync(request: reqAction1);
            }

            // if a user wants to unregister a node
            if (text.StartsWith(value: "/unregisterNode:") && text != "/unregisterNode:")
            {
                string msg2;
                try
                {
                    // declare message assuming nothing goes wrong
                    msg2 = result.Length > 1 ? "Your nodes were removed" : "Your node was removed";

                    // make sure the user is registered
                    if (UserUtils.GetUser(chatId: chat.Id)?.ChatId != chat.Id)
                    {
                        // if not, tell them
                        var reqAction3 = new SendMessage(chatId: chat.Id, text: "You are not registered");
                        Bot.MakeRequestAsync(request: reqAction3);
                        return;
                    }

                    // get all user nodes (read before the delete so the deposit addresses are still available)
                    var userNodes = NodeUtils.GetNodeByUser(chatId: chat.Id);

                    // delete any nodes submitted; the call is scoped by chat.Id
                    NodeUtils.DeleteNode(chatId: chat.Id, nodes: result.ToList());

                    // delete any associated deposit accounts that would have been automatically registered
                    AccountUtils.DeleteAccount(chatId: chat.Id,
                        accounts: userNodes.Where(predicate: y => AccountUtils.GetAccountByUser(chatId: chat.Id)
                                .Any(predicate: x => x.EncodedAddress == y.DepositAddress))
                            .Where(predicate: y => result.Any(predicate: x => x == y.IP))
                            .Select(selector: acc => acc.DepositAddress).ToList());
                }
                catch (Exception)
                {
                    // the exception is discarded here; only the generic reply below is produced
                    msg2 = "Something went wrong. Please try again. If the problem persists, please notify kodtycoon";
                }

                // send a message to notify user of any changes
                var reqAction2 = new SendMessage(chatId: chat.Id, text: msg2);
                Bot.MakeRequestAsync(request: reqAction2);
            }
        }
        catch (Exception ex)
        {
            // only the stack trace is written; the exception type and message are lost
            Console.WriteLine(ex.StackTrace);
        }
    }, 1);
}
/// <summary>
/// Performs a sequence of page security changes as admin and, after each one, checks that the
/// newest entry of the raw daily site feed describes that change.
/// </summary>
/// <remarks>
/// NOTE(review): the loop condition is <c>i &lt; (int)sec_ops.SET_PUBLIC</c>, so the SET_PUBLIC
/// case runs only if some smaller value maps to it. If SET_PUBLIC is the largest enum member,
/// the "set back to public" step is never exercised and the page stays private - confirm
/// against the <c>sec_ops</c> declaration.
/// </remarks>
public void SiteFeed_SetPageToPrivatePublic_AddRemoveGrant_CorrectFeedData()
{
    // All requests are issued as ADMIN.
    Plug adminPlug = Utils.BuildPlugForAdmin();
    DreamMessage response;

    // Page whose security settings are changed.
    string pageIdText;
    string pagePath;
    PageUtils.CreateRandomPage(adminPlug, out pageIdText, out pagePath);

    // User who receives and then loses the grant.
    string granteeId;
    string granteeName;
    UserUtils.CreateRandomContributor(adminPlug, out granteeId, out granteeName);

    // Role used for the grant.
    const string GRANT_ROLE = "contributor";

    // Feed values expected for the step that has just run.
    string expectedComment = String.Empty;
    int expectedType = 0;
    XDoc securityDoc;

    for (int step = 0; step < (int)sec_ops.SET_PUBLIC; step++)
    {
        switch (step)
        {
            case (int)sec_ops.SET_PRIVATE:
                // Restrict the page to Private.
                securityDoc = new XDoc("security")
                    .Start("permissions.page")
                        .Elem("restriction", "Private")
                    .End();
                response = adminPlug.At("pages", pageIdText, "security").Post(securityDoc, new Result<DreamMessage>()).Wait();
                Assert.AreEqual(DreamStatus.Ok, response.Status, "Setting page to private failed!");
                expectedComment = "page restriction set to Private";
                expectedType = 56; // PAGE_RESTRICTION = 56
                break;

            case (int)sec_ops.ADD_GRANT:
                // Give the user the role on this page.
                securityDoc = new XDoc("security")
                    .Start("grants.added")
                        .Start("grant")
                            .Start("permissions")
                                .Elem("role", GRANT_ROLE)
                            .End()
                            .Start("user")
                                .Attr("id", granteeId)
                            .End()
                        .End()
                    .End();
                response = adminPlug.At("pages", pageIdText, "security").Post(securityDoc, new Result<DreamMessage>()).Wait();
                Assert.AreEqual(DreamStatus.Ok, response.Status, "Adding user grant failed!");
                expectedComment = granteeName + " has been added as " + GRANT_ROLE;
                expectedType = 54; // ADD_GRANT = 54
                break;

            case (int)sec_ops.REMOVE_GRANT:
                // Take the role away again.
                securityDoc = new XDoc("security")
                    .Start("grants.removed")
                        .Start("grant")
                            .Start("permissions")
                                .Elem("role", GRANT_ROLE)
                            .End()
                            .Start("user")
                                .Attr("id", granteeId)
                            .End()
                        .End()
                    .End();
                response = adminPlug.At("pages", pageIdText, "security").Post(securityDoc, new Result<DreamMessage>()).Wait();
                Assert.AreEqual(DreamStatus.Ok, response.Status, "Removing user grant failed!");
                expectedComment = granteeName + " has been revoked as " + GRANT_ROLE;
                expectedType = 55; // REMOVE_GRANT = 55
                break;

            case (int)sec_ops.SET_PUBLIC:
                // Lift the restriction.
                securityDoc = new XDoc("security")
                    .Start("permissions.page")
                        .Elem("restriction", "Public")
                    .End();
                response = adminPlug.At("pages", pageIdText, "security").Post(securityDoc, new Result<DreamMessage>()).Wait();
                Assert.AreEqual(DreamStatus.Ok, response.Status, "Setting page to public failed!");
                expectedComment = "page restriction set to Public";
                expectedType = 56; // PAGE_RESTRICTION = 56
                break;

            default:
                break;
        }

        // Newest feed entry only (limit = 1).
        response = adminPlug.At("site", "feed").With("format", "rawdaily").With("limit", 1).GetAsync().Wait();
        Assert.AreEqual(DreamStatus.Ok, response.Status, "Feed retrieval failed!");

        // Field-by-field checks of that entry.
        int pageid = System.Convert.ToInt32(pageIdText);
        rc_id_check(response);
        rc_comment_check(response, expectedComment);
        rc_cur_id_check(response, pageid);
        rc_last_oldid_check(response, 0);
        rc_this_oldid_check(response, 0);
        rc_namespace_check(response, 0);
        rc_timestamp_check(response);
        rc_title_check(response, pagePath);
        rc_type_check(response, expectedType);
        rc_moved_to_ns_check(response, 0);
        rc_moved_to_title_check(response, String.Empty);
        rc_user_name_check(response, USERNAME);
        rc_full_name_check(response, String.Empty);
        rc_page_exists_check(response, 1);
        rc_revision_check(response, 1);
        cmnt_deleted_check(response, 0);
        old_is_hidden_check(response, false);
        rc_prev_revision_check(response, 1);
        rc_summary_check(response, "Edited once by " + USERNAME);
    }
}
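/// <summary>
/// Shows the signed-in user's stored card details: checks the session, loads the encrypted
/// values with their key and IV from <c>dbo.Users</c>, decrypts them and writes them to the labels.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// NOTE(review): the query reads a stored CVV. PCI DSS does not permit keeping the card
/// verification value after authorization, whether encrypted or not.
/// NOTE(review): the key and IV come from the same row as the ciphertext, so anyone who can
/// read the table can decrypt it. The key belongs in a separate key store.
/// NOTE(review): the full card number, expiry and CVV are rendered into the page. Consider
/// showing only a masked number.
/// </remarks>
protected void Page_Load(object sender, EventArgs e)
{
    // A session needs an e-mail, a session token and a matching token cookie.
    bool hasSessionState = Session["Email"] != null
        && Session["AuthToken"] != null
        && Request.Cookies["AuthToken"] != null;
    if (!hasSessionState)
    {
        Response.Redirect("~/Login.aspx", false);
        return;
    }

    if (!Session["AuthToken"].ToString().Equals(Request.Cookies["AuthToken"].Value))
    {
        Response.Redirect("~/Login.aspx", false);
        return;
    }

    // Accounts reporting 15 minutes or more are sent to the settings page instead
    // (what AccountAgeMinute measures is not visible here - confirm).
    if (UserUtils.AccountAgeMinute(Session["Email"].ToString()) >= 15)
    {
        Response.Redirect("~/AccountSettings.aspx");
        return;
    }

    // Encrypted card fields as stored.
    byte[] ccNo = null;
    byte[] ccExpiry = null;
    byte[] ccCVV = null;

    // Parameterized lookup by the session e-mail.
    string queryString = "SELECT [CCNo], [CCExpiry], [CCCVV], [IV], [Key] FROM dbo.[Users] WHERE Email = @Email;";

    // The command and reader are now disposed along with the connection. The former
    // catch block only did "throw ex;", which discarded the original stack trace;
    // exceptions now propagate unchanged.
    using (SqlConnection connection = new SqlConnection(ConfigurationManager.ConnectionStrings["MYDBConnection"].ConnectionString))
    using (SqlCommand command = new SqlCommand(queryString, connection))
    {
        command.Parameters.AddWithValue("@Email", Session["Email"].ToString());

        connection.Open();
        using (SqlDataReader reader = command.ExecuteReader())
        {
            while (reader.Read())
            {
                IV = Convert.FromBase64String(reader["IV"].ToString());
                Key = Convert.FromBase64String(reader["Key"].ToString());
                ccNo = Convert.FromBase64String(reader["CCNo"].ToString());
                ccExpiry = Convert.FromBase64String(reader["CCExpiry"].ToString());
                ccCVV = Convert.FromBase64String(reader["CCCVV"].ToString());
            }
        }
    }

    // NOTE(review): when no row matched, the three arrays are still null here; how
    // decryptData handles null is not visible - confirm.
    lbl_ccNo.Text = decryptData(ccNo);
    lbl_ccExpiry.Text = decryptData(ccExpiry);
    lbl_ccCVV.Text = decryptData(ccCVV);
}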
/// <summary>
/// Saves an edit of a user: authorizes the caller, validates the posted role and locations,
/// then updates the user, role and location assignments inside one transaction.
/// </summary>
/// <param name="userId">Id of the user being edited.</param>
/// <param name="model">Posted form values.</param>
/// <returns>
/// An <c>EmptyResult</c> for AJAX or child-action requests, otherwise the edit view built from
/// <c>GetEditModel(userId)</c>. When <c>ModelState</c> is invalid nothing is saved.
/// </returns>
/// <remarks>
/// NOTE(review): the tenancy check compares <c>user.OrganizationId</c> with the caller's
/// organization, but the role and location validation below uses the posted
/// <c>model.OrganizationId</c>. Nothing visible here forces the two to be equal - confirm, or
/// validate against <c>user.OrganizationId</c>.
/// NOTE(review): the role check asks which roles are allowed for the organization; whether it
/// also limits what the calling admin may grant is not visible here.
/// NOTE(review): both authorization failures answer 401; 403 is the usual status for an
/// authenticated caller who lacks the right.
/// </remarks>
public ActionResult Edit(int userId, EditUserModel model)
{
    var user = new UserEntity(userId);
    if (user.IsNew)
    {
        throw new HttpException(404, SharedRes.Error.NotFound_User);
    }

    // Only service admins and organization admins may edit users.
    if (!RoleUtils.IsUserServiceAdmin() && !RoleUtils.IsUserOrgAdmin())
    {
        throw new HttpException(401, SharedRes.Error.Unauthorized_UserEdit);
    }

    // An organization admin may only edit users of their own organization.
    if (RoleUtils.IsUserOrgAdmin() && user.OrganizationId != Membership.GetUser().GetUserId().OrganizationId)
    {
        throw new HttpException(401, SharedRes.Error.Unauthorized_OrganizationEdit);
    }

    if (ModelState.IsValid)
    {
        // Validate submitted role.
        if (!model.Role.HasValue || !(OrganizationUtils.GetAllowedRoles(model.OrganizationId).Any(r => r.RoleId == model.Role)))
        {
            throw new HttpException(417, ControllerRes.Account.Invalid_RoleSpecified);
        }

        // Locations are only valid for non-admin users.
        bool isAdmin = RoleUtils.IsRoleForAdmin(model.Role.Value);
        if (!isAdmin)
        {
            // Validate submitted locations are locations of the organization.
            if (model.Locations.Except(new LinqMetaData().Location.Where(l => l.OrganizationId == model.OrganizationId).Select(l => l.LocationId).ToList()).Any())
            {
                throw new HttpException(404, SharedRes.Error.NotFound_Location);
            }
        }

        // Set flag to indicate whether or not it's a pending registration.
        // Not using the posted back value in the model for security reasons.
        bool isPendingRegistration = user.UserAccountRestrictions.Count > 0 && user.UserAccountRestrictions[0].AccountRestriction.AccountRestrictionType == AccountRestrictionType.NewUser;

        // If not pending registration and username changed, validate username is unique.
        // Also, set flag to indicate if it's the current user changing own username.
        bool isCurrentUsernameChange = false;
        if (!isPendingRegistration && user.Username != model.UserName)
        {
            if (UserUtils.IsUsernameUsed(model.UserName))
            {
                throw new HttpException(417, ControllerRes.Account.Invalid_DuplicateUsername);
            }

            isCurrentUsernameChange = Membership.GetUser().GetUserId().Id == userId;
        }

        // Set flag to indicate whether or not the email address in a registration
        // has changed.
        bool isRegistrationChange = isPendingRegistration && user.EmailAddress != model.EmailAddress;

        Transaction transaction = new Transaction(IsolationLevel.ReadCommitted, "user add");
        try
        {
            transaction.Add(user);

            // Username is empty in pending registrations and can't be changed.
            // And current user username change isn't a simple change; don't do here.
            if (!isPendingRegistration && !isCurrentUsernameChange)
            {
                user.Username = model.UserName;
            }

            user.EmailAddress = model.EmailAddress;
            user.FirstName = model.FirstName;
            user.LastName = model.LastName;

            // Only a service admin may change the active flag; for anyone else the posted value is ignored.
            if (RoleUtils.IsUserServiceAdmin())
            {
                user.IsActive = model.IsActive;
            }

            // Did role change? If so, replace the existing role rows with the submitted role.
            if (user.Roles.Count == 0 || user.Roles[0].RoleId != model.Role.Value)
            {
                user.Roles.DeleteMulti();
                var userRole = user.Roles.AddNew();
                userRole.RoleId = model.Role.Value;
            }

            int[] newLocations = new int[0];
            int[] oldLocations;
            if (!isAdmin)
            {
                // User is not an admin. So find the set of locations user has been added to,
                // and the set of locations user has been removed from.
                newLocations = model.Locations.Except(user.UserAssignedLocations.Select(l => l.LocationId)).ToArray();
                oldLocations = user.UserAssignedLocations.Select(l => l.LocationId).Except(model.Locations).ToArray();
            }
            else
            {
                // User is admin. So user will be removed from all locations (admins aren't
                // assigned to locations).
                oldLocations = user.UserAssignedLocations.Select(l => l.LocationId).ToArray();
            }

            if (oldLocations.Length > 0)
            {
                user.UserAssignedLocations.DeleteMulti(UserAssignedLocationFields.UserId == user.UserId & UserAssignedLocationFields.LocationId == oldLocations);
            }

            if (newLocations.Length > 0)
            {
                foreach (var loc in newLocations)
                {
                    var assignedLocation = user.UserAssignedLocations.AddNew();
                    assignedLocation.LocationId = loc;
                }
            }

            // If the registration email has changed, update the email address in the account
            // restriction.
            if (isRegistrationChange)
            {
                user.UserAccountRestrictions[0].AccountRestriction.EmailAddress = model.EmailAddress;
            }

            // Is current user changing own username?
            if (isCurrentUsernameChange)
            {
                // Changing the current user's username requires special handling because the
                // forms-auth cookies must be updated with the new username. The delegate will
                // be invoked to save the new username updating the database. In this case, it
                // needs to be done within the transaction created here.
                //
                // Have already validated the username as unique. So the only reason for this
                // to fail is with some exception thrown, which will be handled in the "catch".
                Membership.GetUser().ChangeUsername(model.UserName, delegate(string username)
                {
                    user.Username = username;
                    user.Save(true);
                    // ReSharper disable AccessToDisposedClosure
                    transaction.Commit();
                    // ReSharper restore AccessToDisposedClosure
                });
            }
            else
            {
                user.Save(true);
                transaction.Commit();
            }
        }
        catch (Exception)
        {
            // Every failure is rolled back and surfaced as a generic 500; the original
            // exception is not logged or attached here.
            transaction.Rollback();
            throw new HttpException(500, SharedRes.Error.Error_DatabaseUnknown);
        }
        finally
        {
            transaction.Dispose();
        }

        // If registration email has changed, need to re-send the registration email.
        if (isRegistrationChange)
        {
            SendRegistrationEmail(model, user.UserAccountRestrictions[0].AccountRestriction.RestrictionKey);
        }
    }

    return((Request.IsAjaxRequest() || ControllerContext.IsChildAction) ? (ActionResult) new EmptyResult() : View(GetEditModel(userId)));
}
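/// <summary>
/// Returns a lobby by id. The id "0" selects the in-memory lobby held in <c>Variables</c>;
/// any other id is looked up in the repository and projected into a new lobby model.
/// </summary>
/// <param name="id">"0" for the current in-memory lobby, otherwise a lobby id in decimal.</param>
/// <returns>
/// The lobby, or <c>null</c> when there is no in-memory lobby, when <paramref name="id"/> is
/// not a valid unsigned number, or when no stored lobby has that id.
/// </returns>
public Lobby Get(string id)
{
    if (id == "0")
    {
        if (Variables.Lobby == null)
        {
            return null;
        }

        lock (Variables.LobbyPlayers)
        {
            LobbyUtils.CalculateLobbyPlayerFieldColors();
            // NOTE(review): OrderBy is deferred, so whoever enumerates Players after this
            // method returns re-reads LobbyPlayers outside the lock - confirm this is intended.
            Variables.Lobby.Players = Variables.LobbyPlayers.OrderBy(lp => lp.Position);
            Variables.Lobby.SLobbyId = Variables.Lobby.LobbyId.ToString();
            foreach (var player in Variables.Lobby.Players)
            {
                // String copy of the id (presumably to avoid 64-bit precision loss in clients - confirm).
                player.SSteamId = player.SteamId.ToString();
            }

            return Variables.Lobby;
        }
    }

    // The id comes from the request. A malformed or missing value used to throw from
    // ulong.Parse; it now yields null, matching the "no lobby" result of the branch above.
    ulong longLobbyId;
    if (!ulong.TryParse(id, out longLobbyId))
    {
        return null;
    }

    var runningLobby = _repository.Lobbies
        .Include(l => l.Players)
        .ThenInclude(ls => ls.User)
        .FirstOrDefault(l => l.LobbyId == longLobbyId);

    // FirstOrDefault returns null for an unknown id; previously this caused a NullReferenceException.
    if (runningLobby == null)
    {
        return null;
    }

    var lobby = new Commons.Models.Lobby
    {
        LobbyId = runningLobby.LobbyId,
        SLobbyId = runningLobby.LobbyId.ToString(),
        GameType = runningLobby.GameType,
        Name = runningLobby.Name,
        Ranked = runningLobby.Ranked,
        // Only occupied slots (Position > 0), in seat order.
        Players = runningLobby.Players
            .Where(p => p.Position > 0)
            .OrderBy(p => p.Position)
            .Select(p => new Player
            {
                Name = p.Name,
                SteamId = p.User != null ? p.User.SteamId : 0,
                SSteamId = p.User?.SteamId.ToString(),
                LobbySlotId = p.Id,
                Position = p.Position,
                // Ranked == 2 selects the DM rating, every other value the RM rating.
                Rank = runningLobby.Ranked == 2 ? p.RankDM : p.RankRM,
                RankRM = p.RankRM,
                RankDM = p.RankDM,
                Profile = p.User != null
                    ? new PlayerProfile
                    {
                        Location = p.User.Location,
                        ProfileDataFetched = p.User.ProfileDataFetched,
                        ProfilePrivate = p.User.ProfilePrivate
                    }
                    : null,
                ReputationStats = p.User != null
                    ? new PlayerReputationStats
                    {
                        Games = p.User.Games,
                        PositiveReputation = p.User.PositiveReputation,
                        NegativeReputation = p.User.NegativeReputation
                    }
                    : null,
                GameStats = p.User != null
                    ? UserUtils.GetGameStats(p.GamesStartedRM, p.GamesStartedDM, p.GamesWonRM, p.GamesWonDM, p.GamesEndedRM, p.GamesEndedDM)
                    : null,
            }).ToList()
    };

    foreach (var player in lobby.Players)
    {
        LobbyUtils.CalculateUserFieldColors(player, lobby.Ranked);
    }

    return lobby;
}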
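/// <summary>
/// Handles the password-change form: authenticates with the current password, checks first
/// name, last name and card CVV against the stored record, then stores the new password hash
/// and unlocks the account.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// NOTE(review): "Invalid email address." differs from the failed-authentication message, which
/// tells a caller whether an e-mail is registered. A single generic message avoids that.
/// NOTE(review): no attempt limiting is visible in this handler - confirm that
/// <c>UserUtils.Authenticate</c> or the account lock covers repeated guesses.
/// NOTE(review): the new password is hashed with the existing salt; a fresh salt per password
/// change is the usual practice.
/// NOTE(review): the check relies on a stored CVV and on a key and IV read from the same row as
/// the ciphertext. PCI DSS does not permit keeping the CVV after authorization.
/// NOTE(review): only the current hash is compared, although the message speaks of passwords
/// "used before".
/// </remarks>
protected void btn_submit_Click(object sender, EventArgs e)
{
    // validate fields (the new-password confirmation is assumed to be checked there - confirm)
    if (!Validate_Fields())
    {
        return;
    }

    string email = tb_email.Text.Trim();
    string password = tb_password.Text.Trim();
    string input_fName = tb_fName.Text.Trim();
    string input_lName = tb_lName.Text.Trim();
    string input_ccCVV = tb_ccCVV.Text.Trim();
    string newPassword = tb_newPassword.Text.Trim();

    if (!UserUtils.Exist(email))
    {
        showFeedback("Invalid email address.");
        return;
    }

    if (!UserUtils.Authenticate(email, password))
    {
        showFeedback("Sorry, with the information you've provided. We still can't verify that you're the account owner.");
        return;
    }

    string userId = null;
    string firstName = null, lastName = null;
    string cipherText = null;
    string iv = null;
    string key = null;
    string existPassSalt = null;
    string existPassHash = null;

    using (SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["MYDBConnection"].ConnectionString))
    using (SqlCommand cmd = new SqlCommand("SELECT * FROM [dbo].[Users] WHERE Email = @Email", con))
    {
        cmd.CommandType = CommandType.Text;
        cmd.Parameters.AddWithValue("@Email", email);

        if (con.State == ConnectionState.Closed || con.State == ConnectionState.Broken)
        {
            con.Open();
        }

        // The reader is now disposed deterministically; it was previously left open.
        using (SqlDataReader sdr = cmd.ExecuteReader())
        {
            if (sdr.Read())
            {
                userId = sdr["Id"].ToString();
                firstName = sdr["FirstName"].ToString();
                lastName = sdr["LastName"].ToString();
                existPassSalt = sdr["PasswordSalt"].ToString();
                existPassHash = sdr["PasswordHash"].ToString();
                cipherText = sdr["CCCVV"].ToString();
                iv = sdr["IV"].ToString();
                key = sdr["Key"].ToString();
            }
        }
    }

    // No row (for example the account was removed between the checks above and the query):
    // answer like any other failed verification instead of dereferencing null below.
    if (userId == null)
    {
        showFeedback("Invalid details provided.");
        return;
    }

    string plainText = DataCrypt.Decrypt(cipherText, iv, key);

    // Static string.Equals is the same ordinal comparison but tolerates a null plainText.
    bool detailsMatch = string.Equals(plainText, input_ccCVV)
        && string.Equals(firstName, input_fName)
        && string.Equals(lastName, input_lName);
    if (!detailsMatch)
    {
        showFeedback("Invalid details provided.");
        return;
    }

    // Hash once and reuse the value for both the comparison and the update.
    var newPasswordHash = Password.GetPasswordHash(newPassword, existPassSalt);
    if (Password.ComparePasswordHash(newPasswordHash, existPassHash))
    {
        showFeedback("Your new password cannot be a password you've used before.");
        return;
    }

    Password.UpdatePassword(userId, Convert.ToBase64String(newPasswordHash));
    UserUtils.UnlockAccount(email);

    lbl_feedback.ForeColor = Color.Green;
    showFeedback("Password has been updated.");
}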
/// <summary>
/// Checks that a delta cascade carrying no new grant does not overwrite a child page.
/// User1 is made Contributor on /A/B (absolute cascade) and Viewer on /A (no cascade);
/// the same Viewer document is then PUT on /A with cascade=delta, and /A/B must still
/// report Contributor.
/// </summary>
/// <remarks>Assumes the roles 'Contributor' and 'Viewer' exist on the target site.</remarks>
public void TestEmptyDeltaCascadesNothing()
{
    Plug admin = Utils.BuildPlugForAdmin();
    string baseTreePath = PageUtils.BuildPageTree(admin);

    string userid1 = null;
    UserUtils.CreateRandomContributor(admin, out userid1);

    // Page keys and the grant lookup are the same for every request below.
    string pageA = "=" + XUri.DoubleEncode(baseTreePath + "/A");
    string pageAB = "=" + XUri.DoubleEncode(baseTreePath + "/A/B");
    string roleOfUser1 = string.Format("grants/grant[user/@id=\"{0}\"]/permissions/role", userid1);

    // /A/B: private, User1 is Contributor.
    XDoc contributorDoc = new XDoc("security")
        .Start("permissions.page")
            .Elem("restriction", "Private")
        .End()
        .Start("grants")
            .Start("grant")
                .Start("permissions")
                    .Elem("role", "Contributor")
                .End()
                .Start("user").Attr("id", userid1).End()
            .End()
        .End();
    DreamMessage response = admin.At("pages", pageAB, "security")
        .WithQuery("cascade=absolute")
        .Put(contributorDoc);
    Assert.AreEqual(DreamStatus.Ok, response.Status);

    // /A: private, User1 is Viewer, not cascaded.
    XDoc viewerDoc = new XDoc("security")
        .Start("permissions.page")
            .Elem("restriction", "Private")
        .End()
        .Start("grants")
            .Start("grant")
                .Start("permissions")
                    .Elem("role", "Viewer")
                .End()
                .Start("user").Attr("id", userid1).End()
            .End()
        .End();
    response = admin.At("pages", pageA, "security")
        .WithQuery("cascade=none")
        .Put(viewerDoc);
    Assert.AreEqual(DreamStatus.Ok, response.Status);

    response = admin.At("pages", pageAB, "security").Get();
    Assert.AreEqual("Contributor", response.ToDocument()[roleOfUser1].Contents);

    // Same Viewer document again, this time as a delta cascade.
    XDoc viewerDeltaDoc = new XDoc("security")
        .Start("permissions.page")
            .Elem("restriction", "Private")
        .End()
        .Start("grants")
            .Start("grant")
                .Start("permissions")
                    .Elem("role", "Viewer")
                .End()
                .Start("user").Attr("id", userid1).End()
            .End()
        .End();
    response = admin.At("pages", pageA, "security")
        .WithQuery("cascade=delta")
        .Put(viewerDeltaDoc);
    Assert.AreEqual(DreamStatus.Ok, response.Status);

    // /A keeps Viewer and /A/B keeps Contributor: nothing was cascaded.
    response = admin.At("pages", pageA, "security").Get();
    Assert.AreEqual("Viewer", response.ToDocument()[roleOfUser1].Contents);

    response = admin.At("pages", pageAB, "security").Get();
    Assert.AreEqual("Contributor", response.ToDocument()[roleOfUser1].Contents);
}
/// <summary>
/// Catch-all content action: resolves the requested path (query string ignored) to a
/// content page, first through the sub-directory lookup when the title contains a '/',
/// then by title. Renders the page's template, or the stored "404" page with HTTP
/// status 404 when nothing matches.
/// </summary>
/// <returns>The template view for the matched page or for the "404" page.</returns>
public ActionResult Index()
{
    // Drop the query string before resolving the page.
    var pathOnlyUri = new Uri(Request.Url.GetLeftPart(UriPartial.Path));
    var title = GetPageTitle(pathOnlyUri);

    // A '/' in the title means the request may be for a child page.
    ContentViewViewModel model = title.Contains("/") ? GetSubDirectoryModel(title) : null;

    // Fall back to a permalink / title lookup.
    if (model == null || model.ThePage == null)
    {
        model = new ContentViewViewModel { ThePage = ContentLoader.GetDetailsByTitle(title) };
    }

    if (model.ThePage == null)
    {
        // No match: serve the stored "404" content page with a real 404 status.
        // NOTE(review): a missing "404" page makes ThePage null here and the next line
        // throws; confirm that page always exists.
        model = new ContentViewViewModel { ThePage = ContentLoader.GetDetailsByTitle("404") };
        model.TheTemplate = ContentLoader.GetContentTemplate(model.ThePage.Template);
        model.PageData = ContentUtils.GetFormattedPageContentAndScripts(model.ThePage.HTMLContent);

        ViewBag.IsPage = true;
        ViewBag.PageId = model.ThePage.ContentPageId;
        ViewBag.IsPublished = model.ThePage.IsActive;
        ViewBag.Title = model.ThePage.Title;
        ViewBag.Index = "noindex";
        ViewBag.Follow = "nofollow";

        HttpContext.Response.StatusCode = 404;
        // Keep IIS from replacing this response with its own error page.
        Response.TrySkipIisCustomErrors = true;

        return View(model.TheTemplate.ViewLocation, model);
    }

    var page = model.ThePage;
    model.TheTemplate = ContentLoader.GetContentTemplate(page.Template);
    model.PageData = ContentUtils.GetFormattedPageContentAndScripts(page.HTMLContent);

    if (UserUtils.UserIsAdmin())
    {
        // Admins additionally get the edit model and the bookmark state for this URL.
        var userName = UserUtils.CurrentMembershipUsername();
        var currentUser = Context.Users.First(u => u.Username == userName);

        var editModel = new EditContentViewModel();
        var editHelper = new EditContentHelper(Context);
        editHelper.LoadContentViewById(page.ContentPageId, editModel);

        editModel.BookmarkTitle = page.Title;
        editModel.IsBookmarked = Context.Bookmarks.Any(
            b => b.Title == title && b.Url == Request.RawUrl && b.UserId == currentUser.UserId);

        ViewBag.PageModel = editModel;
    }

    ViewBag.IsPage = true;
    ViewBag.PageId = page.ContentPageId;
    ViewBag.IsPublished = page.IsActive;
    ViewBag.OGType = page.OGType ?? "website";
    ViewBag.MetaDesc = page.MetaDescription ?? "";
    ViewBag.Title = page.Title;
    // NOTE(review): Title takes precedence over OGTitle here, the reverse of the
    // OGUrl/Canonical fallback below; confirm which order is intended.
    ViewBag.OGTitle = page.Title ?? page.OGTitle;
    ViewBag.OGImage = page.OGImage ?? "";

    // Canonical tag first; OGUrl falls back to it.
    ViewBag.Canonical = GetCanonical(page);
    ViewBag.OGUrl = page.OGUrl ?? ViewBag.Canonical;

    ViewBag.Index = page.NoIndex ? "noindex" : "index";
    ViewBag.Follow = page.NoFollow ? "nofollow" : "follow";

    return View(model.TheTemplate.ViewLocation, model);
}
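/// <summary>
/// Checks that a cascade issued by a non-admin skips pages the caller cannot change.
/// Admin makes /A/B private; a fresh Contributor then POSTs a Viewer grant for itself
/// on /A with cascade=delta and afterwards PUTs a Contributor grant with
/// cascade=absolute. After each step /A and /A/B/C carry the new role while /A/B keeps
/// its private restriction and a single grant.
/// </summary>
public void TestCascadingWithSkipIfUnableToSet()
{
    Plug p = Utils.BuildPlugForAdmin();
    string baseTreePath = PageUtils.BuildPageTree(p);

    string userid = null;
    string username = null;
    DreamMessage msg = UserUtils.CreateRandomContributor(p, out userid, out username);

    string userRolePath = string.Format("grants/grant[user/@id=\"{0}\"]/permissions/role", userid);

    // Admin: /A/B becomes private, no cascade.
    XDoc securityDoc = new XDoc("security")
        .Start("permissions.page")
            .Elem("restriction", "Private")
        .End();
    msg = p.At("pages", "=" + XUri.DoubleEncode(baseTreePath + "/A/B"), "security")
        .WithQuery("cascade=none").Put(securityDoc);
    Assert.AreEqual(DreamStatus.Ok, msg.Status, "restrict /A/B to private");

    // User: add a Viewer grant for self on /A and cascade the delta.
    p = Utils.BuildPlugForUser(username, "password");
    securityDoc = new XDoc("security")
        .Start("grants.added")
            .Start("grant")
                .Start("permissions")
                    .Elem("role", "Viewer")
                .End()
                .Start("user").Attr("id", userid).End()
            .End()
        .End();
    msg = p.At("pages", "=" + XUri.DoubleEncode(baseTreePath + "/A"), "security")
        .WithQuery("cascade=delta").Post(securityDoc);
    Assert.AreEqual(DreamStatus.Ok, msg.Status, "grant viewer on /A/*");

    // Admin: verify. Assertions are written expected-first, like the other tests in
    // this file, so a failure reports the two values the right way round.
    p = Utils.BuildPlugForAdmin();
    msg = p.At("pages", "=" + XUri.DoubleEncode(baseTreePath + "/A"), "security").Get();
    Assert.AreEqual("Viewer", msg.ToDocument()[userRolePath].Contents, "confirm viewer grant on /A");

    msg = p.At("pages", "=" + XUri.DoubleEncode(baseTreePath + "/A/B"), "security").Get();
    Assert.AreEqual("Private", msg.ToDocument()["permissions.page/restriction"].Contents, "confirm private restriction on /A/B");
    Assert.IsTrue(msg.ToDocument()["grants/grant[2]"].IsEmpty, "confirm single grant on /A/B");

    msg = p.At("pages", "=" + XUri.DoubleEncode(baseTreePath + "/A/B/C"), "security").Get();
    var doc = msg.ToDocument();
    Assert.AreEqual("Viewer", doc[userRolePath].Contents, "confirm viewer grant on /A/B/C");
    Assert.IsTrue(string.IsNullOrEmpty(doc["permissions.page/operations"].AsText), "confirm no available operations on /A/B/C");

    // User: replace the grant list on /A with Contributor for self, absolute cascade.
    p = Utils.BuildPlugForUser(username, "password");
    securityDoc = new XDoc("security")
        .Start("permissions.page")
            .Elem("restriction", "Private")
        .End()
        .Start("grants")
            .Start("grant")
                .Start("permissions")
                    .Elem("role", "Contributor")
                .End()
                .Start("user").Attr("id", userid).End()
            .End()
        .End();
    msg = p.At("pages", "=" + XUri.DoubleEncode(baseTreePath + "/A"), "security")
        .WithQuery("cascade=absolute").Put(securityDoc);
    Assert.AreEqual(DreamStatus.Ok, msg.Status, "grant contributor on /A/*");

    // Admin: verify again; /A/B must be untouched.
    p = Utils.BuildPlugForAdmin();
    msg = p.At("pages", "=" + XUri.DoubleEncode(baseTreePath + "/A"), "security").Get();
    Assert.AreEqual("Contributor", msg.ToDocument()[userRolePath].Contents, "confirm contributor grant on /A");

    msg = p.At("pages", "=" + XUri.DoubleEncode(baseTreePath + "/A/B"), "security").Get();
    Assert.AreEqual("Private", msg.ToDocument()["permissions.page/restriction"].Contents, "reconfirm private restriction on /A/B");
    Assert.IsTrue(msg.ToDocument()["grants/grant[2]"].IsEmpty, "reconfirm single grant on /A/B");

    msg = p.At("pages", "=" + XUri.DoubleEncode(baseTreePath + "/A/B/C"), "security").Get();
    Assert.AreEqual("Contributor", msg.ToDocument()[userRolePath].Contents, "confirm contributor grant on /A/B/C");
    Assert.AreEqual("Private", msg.ToDocument()["permissions.page/restriction"].Contents, "confirm private restriction on /A/B/C");
}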
// UI test: a resident passes a required course and the GCEP page shows it as completed.
// If the resident's course-tracker label contains no '/', the test first signs in as
// AMA staff, rebuilds the "Learning111!!!" curriculum for "Ellis Hospital" and assigns
// it, then checks the resident's required-course count. It then takes course
// "AUTOMATION_002" as the resident, expects "View Certificate", and finally removes the
// curriculum again as staff.
// NOTE(review): the resident login ("10021373" / "password") is hard-coded in the test
// source while the staff login comes from UserUtils.GetUser; consider loading both the
// same way so no credential lives in the repository.
public void CourseTracker_Resident_RequiredCoursePass()
{
    // 1. Look up the AMA staff account for later, then log in with the resident account.
    UserInfo role = UserUtils.GetUser(UserRole.Ama_Staff);
    LoginPage LP = Navigation.GoToLoginPage(browser);
    EducationCenterPage ED = LP.LoginAsUser("10021373", "password");
    if (BrowserName == BrowserNames.Firefox)
    {
        Browser.WaitForElement(Bys.EducationCenterPage.GcepLnk, ElementCriteria.IsEnabled);
    }

    // 2. Follow the GCEP link and read the resident's course-tracker label.
    GCEPPage Gcep = ED.ClickToAdvance(ED.GcepLnk);
    string CourseTracker = Gcep.ResidentCourseTrackerLbl.Text;

    // No '/' in the label: run the curriculum set-up below before taking the course.
    if (!CourseTracker.Contains('/'))
    {
        // The parsed counts are not used afterwards; the conversions still throw if the
        // label does not have a number at the expected word position.
        if (!CourseTracker.Contains("0"))
        {
            string[] CourseTrackernotNull = CourseTracker.Split(' ');
            int regCoursCount = Convert.ToInt16(CourseTrackernotNull[3]);
        }
        else
        {
            string[] CoursetrackerwithNull = CourseTracker.Split(' ');
            int NoRegCourse = Convert.ToInt16(CoursetrackerwithNull[2]);
        }

        // Switch to the AMA staff account.
        Gcep.ClickToAdvance(Gcep.SignOutLnk);
        LP = Navigation.GoToLoginPage(browser);
        ED = LP.LoginAsUser(role.Username, role.Password);
        if (BrowserName == BrowserNames.Firefox)
        {
            Browser.WaitForElement(Bys.EducationCenterPage.GcepLnk, ElementCriteria.IsEnabled);
        }
        Gcep = ED.ClickToAdvance(ED.GcepLnk);

        // 3. Institution management: find the institution, unassign its curriculum,
        //    delete any curriculum with the test name, and start a new template.
        InstitutionsPage Instute1 = Gcep.ClickToAdvance(Gcep.InstitutionManagLnk);
        InstitutionsGCEPPage InsGcep1 = Instute1.SearchforInstitutions("Ellis Hospital");
        ProgramsPage Program1 = InsGcep1.ClickToAdvance(InsGcep1.InstitutionProgramManagmentLnk);
        Program1.UnassignCurriculum();
        CurriculumMngPage Curriculum1 = InsGcep1.ClickToAdvance(InsGcep1.InstitutionCurriculumTmpLnk);
        Curriculum1.Search("Learning111!!!");
        Curriculum1.DeleteCurriculum("Learning111!!!");
        CurriculumCoursePage CurCoursPage = Curriculum1.ClickToAdvance(Curriculum1.CreateCurriculumTemplateBtn);

        // 4. Pick available courses from the table by index and remember how many.
        CurCoursPage.AddOrRemoveCourses(CurCoursPage.AvailableCoursesTbl, CurCoursPage.AddSelectedBtn, 8, 9, 10, 11, 12, 13, 14, 15, 16);
        List<string> CourseNames = CurCoursPage.GetTheNamesChoosenCourses();
        int CountofCoursewasAssigned = CourseNames.Count;

        // 5. Name the curriculum.
        CurCoursPage.CurriculumNameTxt.Clear();
        CurCoursPage.CurriculumNameTxt.SendKeys("Learning111!!!");

        // 6. Continue to the PGY assignment page.
        PGYAssignmentPage PGY = CurCoursPage.ClickToAdvance(CurCoursPage.NextBtn);

        // 7. Click the cell at column index 4 in rows 1-9 of the course table.
        PGY.Grid_ClickElementWithoutTextInsideRow(PGY.CourseTbl, 1, 4);
        PGY.Grid_ClickElementWithoutTextInsideRow(PGY.CourseTbl, 2, 4);
        PGY.Grid_ClickElementWithoutTextInsideRow(PGY.CourseTbl, 3, 4);
        PGY.Grid_ClickElementWithoutTextInsideRow(PGY.CourseTbl, 4, 4);
        PGY.Grid_ClickElementWithoutTextInsideRow(PGY.CourseTbl, 5, 4);
        PGY.Grid_ClickElementWithoutTextInsideRow(PGY.CourseTbl, 6, 4);
        PGY.Grid_ClickElementWithoutTextInsideRow(PGY.CourseTbl, 7, 4);
        PGY.Grid_ClickElementWithoutTextInsideRow(PGY.CourseTbl, 8, 4);
        PGY.Grid_ClickElementWithoutTextInsideRow(PGY.CourseTbl, 9, 4);

        // 8. Save and return to curriculum management.
        PGY.ClickToAdvance(PGY.SaveExitBtn);

        // 9. Find the new curriculum and open "assign to program".
        Curriculum1.Search("Learning111!!!");
        Curriculum1.Actioncell.Click();
        AssignProgramPage Assign = Curriculum1.ClickToAdvance(Curriculum1.AssignToProgrammLnk);

        // 10. Choose start and end dates, assign the program, continue.
        string StartingDate = Assign.ChoosingStartDate();
        string EndingDate = Assign.ChoosingEndDate(1, "MM/d/yyyy");
        Assign.AssignProgramm();
        AssignSummaryPage Summary = Assign.ClickToAdvance(Assign.NextBtn);

        // 11. The summary page must show the curriculum name.
        Assert.IsTrue(Summary.CreatedProgramName.Displayed);
        Assert.AreEqual((Summary.CreatedProgramName.Text), "Learning111!!!");

        // 12. Confirm the assignment. The date-range check is disabled:
        AssignConfirmationPage Confirmation = Summary.ClickToAdvance(Summary.NextBtn);
        // Assert.IsTrue(Confirmation.Grid_CellTextFound(Confirmation.ProgramSummaryTbl, StartingDate + " - " + EndingDate));
        // NOTE(review): fixed sleeps here and below make the test timing-dependent;
        // an explicit wait on the target element would be more reliable.
        Thread.Sleep(0500);
        Confirmation.ConfirmBtn.Click();

        // 13. Sign out, sign back in as the resident and read the tracker again.
        Curriculum1.ClickToAdvance(Curriculum1.SignOutLnk);
        Thread.Sleep(2500);
        LP = Navigation.GoToLoginPage(browser);
        ED = LP.LoginAsUser("10021373", "password"); // other ids noted by the author: 10021375, 10021377, 21387
        Gcep = ED.ClickToAdvance(ED.GcepLnk);
        // Disabled check:
        //Assert.True(Gcep.VerificationOfChoosenCoursesAssignedForResident(browser, CourseNames), "Course count are not equal");
        Thread.Sleep(2000);
        string CourseTrackerAfterAssignment = Gcep.ResidentCourseTrackerLbl.Text;
        string[] courseword2 = CourseTrackerAfterAssignment.Split(' ');
        // Word 3 of the label is compared with the number of assigned courses; word 2 is
        // parsed as the completed count but only referenced by a disabled assertion below.
        int CountofcoursesOnResidentGcepaftercourseAssignment = Convert.ToInt16(courseword2[3]);
        Thread.Sleep(2000);
        int CountofcoursesOnResidentGcepaftercourseAssigmentCompleted = Convert.ToInt16(courseword2[2]);
        Thread.Sleep(2000);
        Assert.True(CountofcoursesOnResidentGcepaftercourseAssignment.Equals(CountofCoursewasAssigned));
    }

    // Scroll until the "show elective courses" link is displayed, then start the course.
    do
    {
        ElemSet.ScrollToElement(browser, Gcep.FaceBookLnk);
    }
    while (!Gcep.ResidentGcepShowElectiveCourseLnk.Displayed);
    ElemSet.ScrollToElement(browser, Gcep.ResidentCourseTrackerLbl);

    // Take and pass the course test.
    CourseTestPage Course = Gcep.ResidentStartCourseOrContinue(browser, "AUTOMATION_002");
    Gcep = Course.TestPass();
    do
    {
        ElemSet.ScrollToElement(browser, Gcep.FaceBookLnk);
    }
    while (!Gcep.ResidentGcepShowElectiveCourseLnk.Displayed);

    // The completed course must offer "View Certificate".
    Assert.IsTrue(Gcep.VerificationCourseCompletion(browser, "AUTOMATION_002", "View Certificate"), "View Certificet button not visible");
    string CourseTrackerAfterTestCompletion = Gcep.ResidentCourseTrackerLbl.Text;
    string[] courseword3 = CourseTrackerAfterTestCompletion.Split(' ');
    int CountOfCompletedRegCourseafterPassingTest = Convert.ToInt16(courseword3[2]);
    // Disabled check that the completed count grew by one:
    //Assert.True(CountofcoursesOnResidentGcepaftercourseAssigmentCompleted + 1 == (CountOfCompletedRegCourseafterPassingTest));

    // Clean-up as AMA staff: unassign and delete the test curriculum.
    Gcep.ClickToAdvance(Gcep.SignOutLnk);
    Thread.Sleep(2500);
    LP = Navigation.GoToLoginPage(browser);
    ED = LP.LoginAsUser(role.Username, role.Password);
    Gcep = ED.ClickToAdvance(ED.GcepLnk);
    InstitutionsPage Instute = Gcep.ClickToAdvance(Gcep.InstitutionManagLnk);
    InstitutionsGCEPPage InsGcep = Instute.SearchforInstitutions("Ellis Hospital");
    ProgramsPage Program = InsGcep.ClickToAdvance(InsGcep.InstitutionProgramManagmentLnk);
    Program.UnassignCurriculum();
    CurriculumMngPage Curriculum = InsGcep.ClickToAdvance(InsGcep.InstitutionCurriculumTmpLnk);
    Curriculum.Search("Learning111!!!");
    Curriculum.DeleteCurriculum("Learning111!!!");
}
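/// <summary>
/// Checks that moving a private page under another private page keeps the moved
/// page's own restriction and grants: page2 (granted to user2) is moved below page1
/// (granted to user1) and must still be Private with user2 as Contributor and no
/// grant for user1.
/// </summary>
/// <remarks>Assumes the role 'Contributor' exists on the target site.</remarks>
public void NewPagesMovedPagesWrongRestrictions()
{
    Plug p = Utils.BuildPlugForAdmin();

    // page1: private, user1 is Contributor.
    string userid1 = null;
    DreamMessage msg = UserUtils.CreateRandomContributor(p, out userid1);

    string pageid1 = null;
    string pagename1 = null;
    msg = PageUtils.CreateRandomPage(p, out pageid1, out pagename1);

    XDoc securityDoc = new XDoc("security")
        .Start("permissions.page")
            .Elem("restriction", "Private")
        .End()
        .Start("grants")
            .Start("grant")
                .Start("permissions")
                    .Elem("role", "Contributor")
                .End()
                .Start("user").Attr("id", userid1).End()
            .End()
        .End();
    msg = p.At("pages", pageid1, "security").Put(securityDoc);
    Assert.IsTrue(msg.IsSuccessful, "Failed to set page to private");

    // page2: private, user2 is Contributor.
    string userid2 = null;
    msg = UserUtils.CreateRandomContributor(p, out userid2);

    string pageid2 = null;
    string pagename2 = null;
    msg = PageUtils.CreateRandomPage(p, out pageid2, out pagename2);

    securityDoc = new XDoc("security")
        .Start("permissions.page")
            .Elem("restriction", "Private")
        .End()
        .Start("grants")
            .Start("grant")
                .Start("permissions")
                    .Elem("role", "Contributor")
                .End()
                .Start("user").Attr("id", userid2).End()
            .End()
        .End();
    msg = p.At("pages", pageid2, "security").Put(securityDoc);
    Assert.IsTrue(msg.IsSuccessful, "Failed to set page to private");

    // Move page2 below page1. The move result is checked so the grant assertions
    // cannot pass merely because the page never moved.
    msg = PageUtils.MovePage(p, pagename2, pagename1 + "/" + pagename2);
    Assert.IsTrue(msg.IsSuccessful, "Failed to move page");

    msg = p.At("pages", pageid2, "security").Get();
    Assert.IsTrue(msg.IsSuccessful);

    // Expected value first, matching the other tests in this file.
    XDoc movedSecurity = msg.ToDocument();
    Assert.AreEqual("Private", movedSecurity["permissions.page/restriction"].Contents);
    Assert.AreEqual("Contributor", movedSecurity[string.Format("grants/grant[user/@id=\"{0}\"]/permissions/role", userid2)].Contents);
    // The new parent's grant must not have leaked onto the moved page.
    Assert.IsTrue(movedSecurity[string.Format("grants/grant[user/@id=\"{0}\"]/permissions/role", userid1)].IsEmpty);
}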
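/// <summary>
/// Click handler for the signed-in "change password" form. Enforces the 5-minute
/// cool-down, verifies the current password against the stored hash, rejects a new
/// password whose hash is found in the user's password history, then stores the new
/// hash and appends the old one to the history.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Change_Password(object sender, EventArgs e)
{
    if (!ValidateFields())
    {
        return;
    }

    // NOTE(review): assumes an authenticated session; Session["Email"] being null throws
    // here. Confirm the page enforces login before this handler can run.
    string email = Session["Email"].ToString();

    if (UserUtils.AccountAgeMinute(email) <= 5)
    {
        showFeedback("You have previously changed your password, you may reset again after 5 minutes after previous reset.");
        return;
    }

    // NOTE(review): Trim() silently strips leading/trailing whitespace from passwords;
    // confirm registration and login normalise the same way.
    string password = tb_curPassword.Text.Trim();
    string newPassword = tb_newPassword.Text.Trim();

    string pHash = null;
    string pSalt = null;
    string userId = null;

    string queryString = "SELECT * FROM dbo.[Users] WHERE [Email] = @Email;";
    using (SqlConnection connection = new SqlConnection(ConfigurationManager.ConnectionStrings["MYDBConnection"].ConnectionString))
    using (SqlCommand command = new SqlCommand(queryString, connection))
    {
        command.Parameters.AddWithValue("@Email", email);

        // No try/catch: the original only did "throw ex", which rethrows with the stack
        // trace reset. Letting the exception propagate keeps the original trace, and the
        // using blocks still release the command, reader and connection.
        connection.Open();
        using (SqlDataReader reader = command.ExecuteReader())
        {
            while (reader.Read())
            {
                pHash = reader["PasswordHash"].ToString();
                pSalt = reader["PasswordSalt"].ToString();
                userId = reader["Id"].ToString();
            }
        }
    }

    // No row for the session's e-mail: answer like a failed check instead of doing
    // nothing without any feedback.
    if (pHash == null || pSalt == null)
    {
        showFeedback("Current password is invalid, please try again.");
        return;
    }

    // Re-authenticate with the current password before allowing the change.
    if (!Password.ComparePasswordHash(Password.GetPasswordHash(password, pSalt), pHash))
    {
        showFeedback("Current password is invalid, please try again.");
        return;
    }

    // NOTE(review): the new password is hashed with the existing salt, which is what
    // lets it be compared with history rows, but the salt is never rotated.
    string pHashNew = Convert.ToBase64String(Password.GetPasswordHash(newPassword, pSalt));

    // Password-history check.
    // https://docs.microsoft.com/en-us/sql/t-sql/queries/select-order-by-clause-transact-sql?view=sql-server-ver15#a-specifying-integer-constants-for-offset-and-fetch-values
    // NOTE(review): the Hash filter is applied before the two-row limit, so this matches
    // the hash anywhere in the user's history, not only in the two newest rows. The
    // current hash is written to history only after a change, so choosing the current
    // password again is not caught by this query; confirm ValidateFields rejects it.
    string qStr = "SELECT [Hash] FROM [dbo].[PasswordHistory] WHERE UserId = @UserId and Hash = @Hash ORDER BY CreatedOn DESC OFFSET 0 ROW FETCH first 2 ROWS ONLY;";
    bool passwordHistory;
    using (SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["MYDBConnection"].ConnectionString))
    using (SqlDataAdapter sda = new SqlDataAdapter(qStr, con))
    {
        sda.SelectCommand.CommandType = CommandType.Text;
        sda.SelectCommand.Parameters.AddWithValue("@UserId", userId);
        sda.SelectCommand.Parameters.AddWithValue("@Hash", pHashNew);

        DataSet da = new DataSet();
        sda.Fill(da);
        passwordHistory = da.Tables[0].Rows.Count > 0;
    }

    if (passwordHistory)
    {
        showFeedback("Previously 2 old passwords cannot be used.");
        return;
    }

    Password.UpdatePassword(userId, pHashNew);
    Password.SavePasswordHashToHistory(userId, pHash);

    showFeedback("Password has been updated.");
    lbl_feedback.ForeColor = Color.Green;
}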