public void Can_persist_preconfigured_permissions()
{
var sut = new UserAuthRepoFixtureBuilder()
.WithUsers(
new UserAuth()
{
Id = 5,
UserName = "******",
Permissions = new[] { "perm1", "perm2", "perm3" }.ToList()
}, new UserAuth()
{
Id = 2,
UserName = "******",
Permissions = new[] { "perm3" }.ToList()
}
)
.Build();
var result = sut.HasPermission("5", "perm2");
var invalidPermission = sut.HasPermission("5", "perm4");
var invalidUserPermission = sut.HasPermission("2", "perm2");
Assert.True(result);
Assert.False(invalidPermission);
Assert.False(invalidUserPermission);
}
public void Can_manage_api_keys()
{
var sut = new UserAuthRepoFixtureBuilder()
.WithApiKeys(new ApiKey()
{
UserAuthId = "4",
Id = "foo-key1",
},
new ApiKey()
{
UserAuthId = "4",
Id = "foo-keyy2"
},
new ApiKey()
{
UserAuthId = "5",
Id = "foobarkey1"
})
.Build() as IManageApiKeys;
Assert.True(sut.ApiKeyExists("foo-key1"));
Assert.True(sut.ApiKeyExists("foobarkey1"));
Assert.Equal("5", sut.GetApiKey("foobarkey1").UserAuthId);
Assert.Equal(new[] { "foo-key1", "foo-keyy2" }, sut.GetUserApiKeys("4").Select(x => x.Id));
}
public void Can_unassign_permissions()
{
var sut = new UserAuthRepoFixtureBuilder()
.WithUsers(
new UserAuth()
{
Id = 5,
UserName = "******",
Permissions = new[] { "perm1", "perm3" }.ToList()
}, new UserAuth()
{
Id = 2,
UserName = "******",
Permissions = new[] { "perm3" }.ToList()
}
)
.Build();
sut.AssignRoles("5", permissions: new[] { "perm3" });
sut.UnAssignRoles("5", permissions: new[] { "perm2", "perm1" });
sut.UnAssignRoles("2", permissions: new[] { "perm3" });
var hasRemovedPermission1 = sut.HasPermission("5", "perm2");
var hasRemovedPermission2 = sut.HasPermission("5", "perm1");
var hasUnremovedPermission = sut.HasPermission("5", "perm3");
Assert.True(hasUnremovedPermission);
Assert.False(hasRemovedPermission1);
Assert.False(hasRemovedPermission2);
Assert.False(sut.HasPermission("2", "perm3"));
}
public void Permission_query_uses_psql_json_contains()
{
var sut = new UserAuthRepoFixtureBuilder()
.Build();
sut.Execute(session => {
var command = session.Query <UserAuth>()
.Where(x => x.Permissions.Contains("perm3") && x.Id == 2)
.ToCommand(FetchType.Any);
// uses JSONb contains operator
Assert.Contains("@>", command.CommandText);
});
}
public void Can_create_user()
{
var sut = new UserAuthRepoFixtureBuilder()
.Build();
var user = new UserAuth()
{
UserName = "******",
FirstName = "Mike"
};
var created = sut.CreateUserAuth(user, "12345");
Assert.NotEqual(default(int), created.Id);
}
public void Can_load_user_auth_by_email()
{
var sut = new UserAuthRepoFixtureBuilder()
.WithUser(new UserAuth()
{
UserName = "******",
Email = "*****@*****.**",
FirstName = "Mike"
}, "123456")
.Build();
var user = sut.GetUserAuthByUserName("*****@*****.**");
Assert.NotNull(user);
Assert.Equal("Mike", user.FirstName);
}
public void Get_user_by_name_uses_separate_field()
{
var sut = new UserAuthRepoFixtureBuilder()
.Build();
sut.Execute(session =>
{
var command = session.Query <UserAuth>()
.Where(x => x.UserName.Equals("bob", StringComparison.CurrentCultureIgnoreCase))
.ToCommand(FetchType.FetchOne);
// does not operate on JSONb
Assert.DoesNotContain(">", command.CommandText);
// matches d.user_name ILIKE
Assert.Matches(@"\w+\.user_name\s+ILIKE", command.CommandText);
});
}
public void Can_create_multiple_users()
{
var sut = new UserAuthRepoFixtureBuilder()
.WithUsers(
new UserAuth()
{
UserName = "******"
},
new UserAuth()
{
UserName = "******"
}
)
.Build();
Assert.Equal(2, sut.Execute(session => session.Query <UserAuth>().Count()));
}
public void Can_record_invalid_auth_attempts()
{
var sut = new UserAuthRepoFixtureBuilder()
.WithUser(new UserAuth()
{
UserName = "******"
}, "bob2")
.Build();
IUserAuth user;
// invalid password
var result = sut.TryAuthenticate("bob", "wrongpassword", out user);
var user2 = sut.GetUserAuthByUserName("bob");
Assert.False(result);
Assert.Null(user);
Assert.Equal(1, user2.InvalidLoginAttempts);
Assert.True((DateTime.UtcNow - user2.LastLoginAttempt.Value).TotalSeconds <= 1);
}
