Ejemplo n.º 1
0
        public ResetPasswordValidator(IQueryEntities entities, IStorePasswords passwords)
        {
            CascadeMode = CascadeMode.StopOnFirstFailure;

            EmailConfirmation confirmation = null;

            RuleFor(p => p.Token)
            // token cannot be an empty guid
            .NotEmpty()
            .WithMessage(ValidateEmailConfirmation.FailedBecauseTokenWasEmpty,
                         p => p.Token)
            // token must match a confirmation
            .Must(p => ValidateEmailConfirmation.TokenMatchesEntity(p, entities, out confirmation))
            .WithMessage(ValidateEmailConfirmation.FailedBecauseTokenMatchedNoEntity,
                         p => p.Token)
            ;

            RuleFor(p => p.Ticket)
            // ticket cannot be empty
            .NotEmpty()
            .WithMessage(ValidateEmailConfirmation.FailedBecauseTicketWasEmpty)
            ;

            RuleFor(p => p.Password)
            // cannot be empty
            .NotEmpty()
            .WithMessage(ValidatePassword.FailedBecausePasswordWasEmpty)
            // length must be between 6 and 100 characters
            .Length(passwords.MinimumPasswordLength, int.MaxValue)
            .WithMessage(ValidatePassword.FailedBecausePasswordWasTooShort(passwords.MinimumPasswordLength))
            ;

            RuleFor(p => p.PasswordConfirmation)
            // cannot be empty
            .NotEmpty()
            .WithMessage(ValidatePassword.FailedBecausePasswordConfirmationWasEmpty)
            ;

            RuleFor(p => p.PasswordConfirmation)
            // must match password unless password is invalid or password confirmation is empty
            .Equal(p => p.Password)
            .Unless(p =>
                    string.IsNullOrWhiteSpace(p.PasswordConfirmation) ||
                    string.IsNullOrWhiteSpace(p.Password) ||
                    p.Password.Length < passwords.MinimumPasswordLength)
            .WithMessage(ValidatePassword.FailedBecausePasswordConfirmationDidNotEqualPassword)
            ;

            // when confirmation is not null,
            When(p => confirmation != null, () =>
            {
                RuleFor(p => p.Token)
                // its intent must be to reset password
                .Must(p => confirmation.Intent == EmailConfirmationIntent.ResetPassword)
                .WithMessage(ValidateEmailConfirmation.FailedBecauseIntentWasIncorrect,
                             p => confirmation.Intent, p => confirmation.Token)
                // it cannot be expired
                .Must(p => !confirmation.IsExpired)
                .WithMessage(ValidateEmailConfirmation.FailedBecauseIsExpired,
                             p => confirmation.Token, p => confirmation.ExpiresOnUtc)
                // it cannot be retired
                .Must(p => !confirmation.IsRetired)
                .WithMessage(ValidateEmailConfirmation.FailedBecauseIsRetired,
                             p => confirmation.Token, p => confirmation.RetiredOnUtc)
                // it must be redeemed
                .Must(p => confirmation.IsRedeemed)
                .WithMessage(ValidateEmailConfirmation.FailedBecauseIsNotRedeemed,
                             p => confirmation.Token)
                // email address must be confirmed
                .Must(p => ValidateEmailAddress.IsConfirmed(confirmation.EmailAddress))
                .WithMessage(ValidateEmailAddress.FailedBecauseIsNotConfirmed,
                             p => confirmation.EmailAddress.Value)
                // it must be attached to a user
                .Must(p => ValidatePerson.UserIsNotNull(confirmation.EmailAddress.Person))
                .WithMessage(ValidatePerson.FailedBecauseUserWasNull,
                             p => confirmation.EmailAddress.Person.DisplayName)
                // user cannot have a saml account
                .Must(p => ValidateUser.EduPersonTargetedIdIsEmpty(confirmation.EmailAddress.Person.User))
                .WithMessage(ValidateUser.FailedBecauseEduPersonTargetedIdWasNotEmpty,
                             p => confirmation.EmailAddress.Person.User.Name)
                // user name must match local member account
                .Must(p => ValidateUser.NameMatchesLocalMember(confirmation.EmailAddress.Person.User.Name, passwords))
                .WithMessage(ValidateUser.FailedBecauseNameMatchedNoLocalMember,
                             p => confirmation.EmailAddress.Person.User.Name)
                ;

                RuleFor(p => p.Ticket)
                // its ticket must match the command ticket
                .Must(p => ValidateEmailConfirmation.TicketIsCorrect(confirmation, p))
                .WithMessage(ValidateEmailConfirmation.FailedBecauseTicketWasIncorrect,
                             p => p.Ticket, p => p.Token)
                ;
            });
        }
        public SendConfirmEmailMessageValidator(IQueryEntities entities, IStorePasswords passwords)
        {
            CascadeMode = CascadeMode.StopOnFirstFailure;

            Person person     = null;
            var    loadPerson = new Expression <Func <Person, object> >[]
            {
                p => p.Emails,
                p => p.User
            };

            Establishment establishment     = null;
            var           loadEstablishment = new Expression <Func <Establishment, object> >[]
            {
                e => e.SamlSignOn,
            };

            RuleFor(p => p.EmailAddress)
            //cannot be empty
            .NotEmpty()
            .WithMessage(ValidateEmailAddress.FailedBecauseValueWasEmpty)
            // must be valid against email address regular expression
            .EmailAddress()
            .WithMessage(ValidateEmailAddress.FailedBecauseValueWasNotValidEmailAddress)
            // must match a person
            .Must(p => ValidateEmailAddress.ValueMatchesPerson(p, entities, loadPerson, out person))
            .WithMessage(ValidateEmailAddress.FailedBecauseValueMatchedNoPerson,
                         p => p.EmailAddress)
            // must match an establishment
            .Must(p => ValidateEstablishment.EmailMatchesEntity(p, entities, loadEstablishment, out establishment))
            .WithMessage(ValidateEstablishment.FailedBecauseEmailMatchedNoEntity,
                         p => p.EmailAddress)
            // establishment must be a member
            .Must(p => establishment.IsMember)
            .WithMessage(ValidateEstablishment.FailedBecauseEstablishmentIsNotMember,
                         p => establishment.RevisionId)
            ;

            // when person is not null and intent is to reset password,
            When(p => person != null && p.Intent == EmailConfirmationIntent.ResetPassword, () =>
                 RuleFor(p => p.EmailAddress)
                 // the establishment must not have saml sign on
                 .Must(p => !establishment.HasSamlSignOn())
                 .WithMessage(ValidateEstablishment.FailedBecauseEstablishmentHasSamlSignOn,
                              p => establishment.RevisionId)
                 // the matched person must have a user
                 .Must(p => ValidatePerson.UserIsNotNull(person))
                 .WithMessage(ValidatePerson.FailedBecauseUserWasNull,
                              p => person.DisplayName)
                 // the user must not have a SAML account
                 .Must(p => ValidateUser.EduPersonTargetedIdIsEmpty(person.User))
                 .WithMessage(ValidateUser.FailedBecauseEduPersonTargetedIdWasNotEmpty,
                              p => person.User.Name)
                 // the email address' person's user's name must match a local member account
                 .Must(p => ValidateUser.NameMatchesLocalMember(person.User.Name, passwords))
                 .WithMessage(ValidateUser.FailedBecauseNameMatchedNoLocalMember,
                              p => person.User.Name)
                 // the email address must be confirmed
                 .Must(p => ValidateEmailAddress.IsConfirmed(person.GetEmail(p)))
                 .WithMessage(ValidateEmailAddress.FailedBecauseIsNotConfirmed,
                              p => p.EmailAddress)
                 );
        }