public ResetPasswordValidator(IQueryEntities entities, IStorePasswords passwords)
{
CascadeMode = CascadeMode.StopOnFirstFailure;
EmailConfirmation confirmation = null;
RuleFor(p => p.Token)
// token cannot be an empty guid
.NotEmpty()
.WithMessage(ValidateEmailConfirmation.FailedBecauseTokenWasEmpty,
p => p.Token)
// token must match a confirmation
.Must(p => ValidateEmailConfirmation.TokenMatchesEntity(p, entities, out confirmation))
.WithMessage(ValidateEmailConfirmation.FailedBecauseTokenMatchedNoEntity,
p => p.Token)
;
RuleFor(p => p.Ticket)
// ticket cannot be empty
.NotEmpty()
.WithMessage(ValidateEmailConfirmation.FailedBecauseTicketWasEmpty)
;
RuleFor(p => p.Password)
// cannot be empty
.NotEmpty()
.WithMessage(ValidatePassword.FailedBecausePasswordWasEmpty)
// length must be between 6 and 100 characters
.Length(passwords.MinimumPasswordLength, int.MaxValue)
.WithMessage(ValidatePassword.FailedBecausePasswordWasTooShort(passwords.MinimumPasswordLength))
;
RuleFor(p => p.PasswordConfirmation)
// cannot be empty
.NotEmpty()
.WithMessage(ValidatePassword.FailedBecausePasswordConfirmationWasEmpty)
;
RuleFor(p => p.PasswordConfirmation)
// must match password unless password is invalid or password confirmation is empty
.Equal(p => p.Password)
.Unless(p =>
string.IsNullOrWhiteSpace(p.PasswordConfirmation) ||
string.IsNullOrWhiteSpace(p.Password) ||
p.Password.Length < passwords.MinimumPasswordLength)
.WithMessage(ValidatePassword.FailedBecausePasswordConfirmationDidNotEqualPassword)
;
// when confirmation is not null,
When(p => confirmation != null, () =>
{
RuleFor(p => p.Token)
// its intent must be to reset password
.Must(p => confirmation.Intent == EmailConfirmationIntent.ResetPassword)
.WithMessage(ValidateEmailConfirmation.FailedBecauseIntentWasIncorrect,
p => confirmation.Intent, p => confirmation.Token)
// it cannot be expired
.Must(p => !confirmation.IsExpired)
.WithMessage(ValidateEmailConfirmation.FailedBecauseIsExpired,
p => confirmation.Token, p => confirmation.ExpiresOnUtc)
// it cannot be retired
.Must(p => !confirmation.IsRetired)
.WithMessage(ValidateEmailConfirmation.FailedBecauseIsRetired,
p => confirmation.Token, p => confirmation.RetiredOnUtc)
// it must be redeemed
.Must(p => confirmation.IsRedeemed)
.WithMessage(ValidateEmailConfirmation.FailedBecauseIsNotRedeemed,
p => confirmation.Token)
// email address must be confirmed
.Must(p => ValidateEmailAddress.IsConfirmed(confirmation.EmailAddress))
.WithMessage(ValidateEmailAddress.FailedBecauseIsNotConfirmed,
p => confirmation.EmailAddress.Value)
// it must be attached to a user
.Must(p => ValidatePerson.UserIsNotNull(confirmation.EmailAddress.Person))
.WithMessage(ValidatePerson.FailedBecauseUserWasNull,
p => confirmation.EmailAddress.Person.DisplayName)
// user cannot have a saml account
.Must(p => ValidateUser.EduPersonTargetedIdIsEmpty(confirmation.EmailAddress.Person.User))
.WithMessage(ValidateUser.FailedBecauseEduPersonTargetedIdWasNotEmpty,
p => confirmation.EmailAddress.Person.User.Name)
// user name must match local member account
.Must(p => ValidateUser.NameMatchesLocalMember(confirmation.EmailAddress.Person.User.Name, passwords))
.WithMessage(ValidateUser.FailedBecauseNameMatchedNoLocalMember,
p => confirmation.EmailAddress.Person.User.Name)
;
RuleFor(p => p.Ticket)
// its ticket must match the command ticket
.Must(p => ValidateEmailConfirmation.TicketIsCorrect(confirmation, p))
.WithMessage(ValidateEmailConfirmation.FailedBecauseTicketWasIncorrect,
p => p.Ticket, p => p.Token)
;
});
}
public SendConfirmEmailMessageValidator(IQueryEntities entities, IStorePasswords passwords)
{
CascadeMode = CascadeMode.StopOnFirstFailure;
Person person = null;
var loadPerson = new Expression <Func <Person, object> >[]
{
p => p.Emails,
p => p.User
};
Establishment establishment = null;
var loadEstablishment = new Expression <Func <Establishment, object> >[]
{
e => e.SamlSignOn,
};
RuleFor(p => p.EmailAddress)
//cannot be empty
.NotEmpty()
.WithMessage(ValidateEmailAddress.FailedBecauseValueWasEmpty)
// must be valid against email address regular expression
.EmailAddress()
.WithMessage(ValidateEmailAddress.FailedBecauseValueWasNotValidEmailAddress)
// must match a person
.Must(p => ValidateEmailAddress.ValueMatchesPerson(p, entities, loadPerson, out person))
.WithMessage(ValidateEmailAddress.FailedBecauseValueMatchedNoPerson,
p => p.EmailAddress)
// must match an establishment
.Must(p => ValidateEstablishment.EmailMatchesEntity(p, entities, loadEstablishment, out establishment))
.WithMessage(ValidateEstablishment.FailedBecauseEmailMatchedNoEntity,
p => p.EmailAddress)
// establishment must be a member
.Must(p => establishment.IsMember)
.WithMessage(ValidateEstablishment.FailedBecauseEstablishmentIsNotMember,
p => establishment.RevisionId)
;
// when person is not null and intent is to reset password,
When(p => person != null && p.Intent == EmailConfirmationIntent.ResetPassword, () =>
RuleFor(p => p.EmailAddress)
// the establishment must not have saml sign on
.Must(p => !establishment.HasSamlSignOn())
.WithMessage(ValidateEstablishment.FailedBecauseEstablishmentHasSamlSignOn,
p => establishment.RevisionId)
// the matched person must have a user
.Must(p => ValidatePerson.UserIsNotNull(person))
.WithMessage(ValidatePerson.FailedBecauseUserWasNull,
p => person.DisplayName)
// the user must not have a SAML account
.Must(p => ValidateUser.EduPersonTargetedIdIsEmpty(person.User))
.WithMessage(ValidateUser.FailedBecauseEduPersonTargetedIdWasNotEmpty,
p => person.User.Name)
// the email address' person's user's name must match a local member account
.Must(p => ValidateUser.NameMatchesLocalMember(person.User.Name, passwords))
.WithMessage(ValidateUser.FailedBecauseNameMatchedNoLocalMember,
p => person.User.Name)
// the email address must be confirmed
.Must(p => ValidateEmailAddress.IsConfirmed(person.GetEmail(p)))
.WithMessage(ValidateEmailAddress.FailedBecauseIsNotConfirmed,
p => p.EmailAddress)
);
}