public void BasicProperties_Assigned()
{
var sub = new MockUserAccount("ten", "user", "pass", "email");
var now = new DateTime(2000, 2, 3, 8, 30, 0);
sub.Setup(x => x.UtcNow).Returns(now);
Assert.AreEqual("ten", sub.Object.Tenant);
Assert.AreEqual("user", sub.Object.Username);
Assert.AreEqual("email", sub.Object.Email);
Assert.AreEqual(now, sub.Object.Created);
sub.Verify(x => x.SetPassword("pass"));
}
public void EmailIsUsername_AllowEmailChangeWhenEmailIsUsername_WhenFail_DoesNotUpdatesUsername()
{
SecuritySettings.Instance.EmailIsUsername = true;
SecuritySettings.Instance.AllowEmailChangeWhenEmailIsUsername = true;
var sub = new MockUserAccountService();
var account = new MockUserAccount();
sub.Mock.Setup(x => x.GetByVerificationKey(It.IsAny<string>())).Returns(account.Object);
sub.Mock.Setup(x => x.Authenticate(It.IsAny<UserAccount>(), It.IsAny<string>(), It.IsAny<int>(), It.IsAny<TimeSpan>())).Returns(true);
account.Setup(x => x.ChangeEmailFromKey(It.IsAny<string>(), It.IsAny<string>())).Returns(false);
sub.Object.ChangeEmailFromKey("pass", "key", "*****@*****.**");
Assert.AreNotEqual("*****@*****.**", account.Object.Username);
}
public void VerifyFails_DoesNotCallNotificationService()
{
var sub = new MockUserAccountService();
sub.NotificationService = new Mock<INotificationService>();
var account = new MockUserAccount();
sub.Mock.Setup(x => x.GetByVerificationKey(It.IsAny<string>())).Returns(account.Object);
account.Setup(x => x.VerifyAccount(It.IsAny<string>())).Returns(false);
sub.Object.VerifyAccount("key");
sub.NotificationService.Verify(x => x.SendAccountVerified(It.IsAny<UserAccount>()), Times.Never());
}
public void EmailIsUsername_AllowEmailChangeWhenEmailIsUsername_ReturnsSuccess()
{
SecuritySettings.Instance.EmailIsUsername = true;
SecuritySettings.Instance.AllowEmailChangeWhenEmailIsUsername = true;
var sub = new MockUserAccountService();
var account = new MockUserAccount();
sub.Mock.Setup(x => x.GetByUsername(It.IsAny<string>(), It.IsAny<string>())).Returns(account.Object);
account.Setup(x => x.ChangeEmailRequest(It.IsAny<string>())).Returns(true);
Assert.IsTrue(sub.Object.ChangeEmailRequest("user", "*****@*****.**"));
}
public void UserAccountChangeEmailFromKeySuccess_SaveChangesCalled()
{
var sub = new MockUserAccountService();
var account = new MockUserAccount();
sub.Mock.Setup(x => x.GetByVerificationKey(It.IsAny<string>())).Returns(account.Object);
sub.Mock.Setup(x => x.Authenticate(It.IsAny<UserAccount>(), It.IsAny<string>(), It.IsAny<int>(), It.IsAny<TimeSpan>())).Returns(true);
account.Setup(x => x.ChangeEmailFromKey(It.IsAny<string>(), It.IsAny<string>())).Returns(true);
sub.Object.ChangeEmailFromKey("pass", "key", "*****@*****.**");
sub.UserAccountRepository.Verify(x => x.SaveChanges());
}
public void UserAccountChangeEmailRequestFail_ReturnsFail()
{
var sub = new MockUserAccountService();
var account = new MockUserAccount();
sub.Mock.Setup(x => x.GetByUsername(It.IsAny<string>(), It.IsAny<string>())).Returns(account.Object);
account.Setup(x => x.ChangeEmailRequest(It.IsAny<string>())).Returns(false);
Assert.IsFalse(sub.Object.ChangeEmailRequest("user", "*****@*****.**"));
}
public void UserAccountChangeEmailRequestSuccess_CallsSendChangeEmailRequestNotice()
{
var sub = new MockUserAccountService();
sub.NotificationService = new Mock<INotificationService>();
var account = new MockUserAccount();
sub.Mock.Setup(x => x.GetByUsername(It.IsAny<string>(), It.IsAny<string>())).Returns(account.Object);
account.Setup(x => x.ChangeEmailRequest(It.IsAny<string>())).Returns(true);
sub.Object.ChangeEmailRequest("user", "*****@*****.**");
sub.NotificationService.Verify(x => x.SendChangeEmailRequestNotice(account.Object, "*****@*****.**"));
}
public void KeyHasEmailPrefix_ReturnsSuccess()
{
var sub = new MockUserAccount();
sub.Setup(x => x.IsVerificationKeyStale).Returns(false);
sub.Object.VerificationKey = "prefixkey";
sub.Setup(x => x.Hash(It.IsAny<string>())).Returns("prefix");
var result = sub.Object.ChangeEmailFromKey("prefixkey", "*****@*****.**");
Assert.IsTrue(result);
}
public void ChangeEmailFromKeySuccess_SetsNewEmail()
{
var sub = new MockUserAccount();
sub.Setup(x => x.IsVerificationKeyStale).Returns(false);
sub.Object.VerificationKey = "prefixkey";
sub.Setup(x => x.Hash(It.IsAny<string>())).Returns("prefix");
var result = sub.Object.ChangeEmailFromKey("prefixkey", "*****@*****.**");
Assert.AreEqual("*****@*****.**", sub.Object.Email);
}
public void VerificationKeyStale_ReturnsFail()
{
var sub = new MockUserAccount();
sub.Setup(x => x.IsVerificationKeyStale).Returns(true);
var result = sub.Object.ChangeEmailFromKey("key", "*****@*****.**");
Assert.IsFalse(result);
}
public void KeyDoesNotMatch_ReturnsFail()
{
var sub = new MockUserAccount();
sub.Setup(x => x.IsVerificationKeyStale).Returns(false);
sub.Object.VerificationKey = "key1";
var result = sub.Object.ChangeEmailFromKey("key2", "*****@*****.**");
Assert.IsFalse(result);
}
public void ChangeEmailSuccess_VerificationKeyMatchesEmailPrefix_VerificationKeyFlagsNotReset()
{
var sub = new MockUserAccount();
sub.Object.IsAccountVerified = true;
sub.Setup(x => x.IsVerificationKeyStale).Returns(false);
sub.Setup(x => x.Hash(It.IsAny<string>())).Returns("key");
sub.Object.VerificationKey = "key";
var date = new DateTime(2000, 2, 3);
sub.Object.VerificationKeySent = date;
var result = sub.Object.ChangeEmailRequest("*****@*****.**");
Assert.AreEqual("key", sub.Object.VerificationKey);
Assert.AreEqual(date, sub.Object.VerificationKeySent);
}
public void ChangeEmailSuccess_VerificationKeyDoesntMatchEmailPrefix_VerificationKeyFlagsReset()
{
var sub = new MockUserAccount();
sub.Object.IsAccountVerified = true;
sub.Setup(x => x.IsVerificationKeyStale).Returns(false);
sub.Setup(x => x.Hash(It.IsAny<string>())).Returns("hash");
sub.Setup(x => x.GenerateSalt()).Returns("salt");
var now = new DateTime(2000, 2, 3);
sub.Setup(x => x.UtcNow).Returns(now);
sub.Object.VerificationKey = "key";
var result = sub.Object.ChangeEmailRequest("*****@*****.**");
Assert.AreEqual("hashsalt", sub.Object.VerificationKey);
Assert.AreEqual(now, sub.Object.VerificationKeySent);
}
public void FailedLoginCountHigh_LastFailedLoginIsNotRecent_ReturnsFalse()
{
var sub = new MockUserAccount();
sub.Object.FailedLoginCount = 10;
var date = new DateTime(2003, 2, 3, 8, 30, 0);
sub.Setup(x => x.UtcNow).Returns(date);
var duration = TimeSpan.FromMinutes(10);
sub.Object.LastFailedLogin = date.Subtract(TimeSpan.FromMinutes(11));
var result = sub.Object.HasTooManyRecentPasswordFailures(5, duration);
Assert.IsFalse(result);
}
public void UserAccountFails_DoesNotCallsSaveChangesOnUserAccountRepo()
{
var sub = new MockUserAccountService();
var account = new MockUserAccount();
sub.Mock.Setup(x => x.GetByVerificationKey(It.IsAny<string>())).Returns(account.Object);
sub.Object.ChangePasswordFromResetKey("key", "new");
account.Setup(x => x.ChangePasswordFromResetKey(It.IsAny<string>(), It.IsAny<string>())).Returns(false);
sub.Object.ChangePasswordFromResetKey("key", "new");
sub.UserAccountRepository.Verify(x => x.SaveChanges(), Times.Never());
}
public void ChangeEmailFromKeySuccess_VerificationKeysReset()
{
var sub = new MockUserAccount();
sub.Setup(x => x.IsVerificationKeyStale).Returns(false);
sub.Setup(x => x.Hash(It.IsAny<string>())).Returns("prefix");
sub.Object.VerificationKey = "prefixkey";
sub.Object.VerificationKeySent = new DateTime(2000, 2, 3);
var result = sub.Object.ChangeEmailFromKey("prefixkey", "*****@*****.**");
Assert.IsNull(sub.Object.VerificationKey);
Assert.IsNull(sub.Object.VerificationKeySent);
}
public void UserAccountFail_SendPasswordChangeNoticeNotCalled()
{
var sub = new MockUserAccountService();
sub.NotificationService = new Mock<INotificationService>();
var account = new MockUserAccount();
sub.Mock.Setup(x => x.GetByVerificationKey(It.IsAny<string>())).Returns(account.Object);
sub.Object.ChangePasswordFromResetKey("key", "new");
account.Setup(x => x.ChangePasswordFromResetKey(It.IsAny<string>(), It.IsAny<string>())).Returns(false);
sub.Object.ChangePasswordFromResetKey("key", "new");
sub.NotificationService.Verify(x => x.SendPasswordChangeNotice(account.Object), Times.Never());
}
public void userAccountReturnsFalse_ReturnsFalse()
{
var sub = new MockUserAccountService();
var account = new MockUserAccount();
account.Setup(x => x.Authenticate(It.IsAny<string>(), It.IsAny<int>(), It.IsAny<TimeSpan>())).Returns(false);
Assert.IsFalse(sub.Object.Authenticate(account.Object, "pass", 10, TimeSpan.FromDays(1)));
}
public void UserAccountChangeEmailRequestFail_DoesNotCallsSaveChangesOnRepo()
{
var sub = new MockUserAccountService();
var account = new MockUserAccount();
sub.Mock.Setup(x => x.GetByUsername(It.IsAny<string>(), It.IsAny<string>())).Returns(account.Object);
account.Setup(x => x.ChangeEmailRequest(It.IsAny<string>())).Returns(false);
sub.Object.ChangeEmailRequest("user", "*****@*****.**");
sub.UserAccountRepository.Verify(x => x.SaveChanges(), Times.Never());
}
public void UserAccountReturnsFalse_ReturnsFalse()
{
var sub = new MockUserAccountService();
var account = new MockUserAccount();
sub.Mock.Setup(x => x.GetByUsername(It.IsAny<string>(), It.IsAny<string>())).Returns(account.Object);
account.Setup(x => x.ChangePassword(It.IsAny<string>(), It.IsAny<string>(), It.IsAny<int>(), It.IsAny<TimeSpan>())).Returns(false);
Assert.IsFalse(sub.Object.ChangePassword("user", "old", "new"));
}
public void UserAccountChangeEmailRequestFails_DoesNotCallSendChangeEmailRequestNotice()
{
var sub = new MockUserAccountService();
sub.NotificationService = new Mock<INotificationService>();
var account = new MockUserAccount();
sub.Mock.Setup(x => x.GetByUsername(It.IsAny<string>(), It.IsAny<string>())).Returns(account.Object);
account.Setup(x => x.ChangeEmailRequest(It.IsAny<string>())).Returns(false);
sub.Object.ChangeEmailRequest("user", "*****@*****.**");
sub.NotificationService.Verify(x => x.SendChangeEmailRequestNotice(It.IsAny<UserAccount>(), It.IsAny<string>()), Times.Never());
}
public void UserAccountReturnsFalse_SendPasswordChangeNoticeNotCalled()
{
var sub = new MockUserAccountService();
sub.NotificationService = new Mock<INotificationService>();
var account = new MockUserAccount();
sub.Mock.Setup(x => x.GetByUsername(It.IsAny<string>(), It.IsAny<string>())).Returns(account.Object);
account.Setup(x => x.ChangePassword(It.IsAny<string>(), It.IsAny<string>(), It.IsAny<int>(), It.IsAny<TimeSpan>())).Returns(false);
sub.Object.ChangePassword("user", "old", "new");
sub.NotificationService.Verify(x => x.SendPasswordChangeNotice(account.Object), Times.Never());
}
public void UserAccountChangeEmailFromKeyFail_ReturnFail()
{
var sub = new MockUserAccountService();
var account = new MockUserAccount();
sub.Mock.Setup(x => x.GetByVerificationKey(It.IsAny<string>())).Returns(account.Object);
sub.Mock.Setup(x => x.Authenticate(It.IsAny<UserAccount>(), It.IsAny<string>(), It.IsAny<int>(), It.IsAny<TimeSpan>())).Returns(true);
account.Setup(x => x.ChangeEmailFromKey(It.IsAny<string>(), It.IsAny<string>())).Returns(false);
Assert.IsFalse(sub.Object.ChangeEmailFromKey("pass", "key", "*****@*****.**"));
}
public void UserAccountResetPasswordFail_ReturnsFail()
{
var sub = new MockUserAccountService();
var account = new MockUserAccount();
sub.Mock.Setup(x => x.GetByEmail(It.IsAny<string>(), It.IsAny<string>())).Returns(account.Object);
account.Object.IsAccountVerified = true;
account.Setup(x => x.ResetPassword()).Returns(false);
Assert.IsFalse(sub.Object.ResetPassword("email"));
}
public void UserAccountChangeEmailFromKeyFail_SendEmailChangedNoticeNotCalled()
{
var sub = new MockUserAccountService();
sub.NotificationService = new Mock<INotificationService>();
var account = new MockUserAccount();
sub.Mock.Setup(x => x.GetByVerificationKey(It.IsAny<string>())).Returns(account.Object);
sub.Mock.Setup(x => x.Authenticate(It.IsAny<UserAccount>(), It.IsAny<string>(), It.IsAny<int>(), It.IsAny<TimeSpan>())).Returns(true);
account.Setup(x => x.ChangeEmailFromKey(It.IsAny<string>(), It.IsAny<string>())).Returns(false);
sub.Object.ChangeEmailFromKey("pass", "key", "*****@*****.**");
sub.NotificationService.Verify(x => x.SendEmailChangedNotice(It.IsAny<UserAccount>(), It.IsAny<string>()), Times.Never());
}
public void UserAccountResetPasswordFail_SendResetPasswordNotCalled()
{
var sub = new MockUserAccountService();
sub.NotificationService = new Mock<INotificationService>();
var account = new MockUserAccount();
sub.Mock.Setup(x => x.GetByEmail(It.IsAny<string>(), It.IsAny<string>())).Returns(account.Object);
account.Object.IsAccountVerified = true;
account.Setup(x => x.ResetPassword()).Returns(false);
sub.Object.ResetPassword("email");
sub.NotificationService.Verify(x => x.SendResetPassword(account.Object), Times.Never());
}
public void VerifyAccountReturnsFalse_ReturnsFalse()
{
var sub = new MockUserAccountService();
var account = new MockUserAccount();
sub.Mock.Setup(x => x.GetByVerificationKey(It.IsAny<string>())).Returns(account.Object);
account.Setup(x => x.VerifyAccount(It.IsAny<string>())).Returns(false);
Assert.IsFalse(sub.Object.VerifyAccount("key"));
}
public void UserAccountFail_ReturnsFail()
{
var sub = new MockUserAccountService();
var account = new MockUserAccount();
sub.Mock.Setup(x => x.GetByVerificationKey(It.IsAny<string>())).Returns(account.Object);
sub.Object.ChangePasswordFromResetKey("key", "new");
account.Setup(x => x.ChangePasswordFromResetKey(It.IsAny<string>(), It.IsAny<string>())).Returns(false);
Assert.IsFalse(sub.Object.ChangePasswordFromResetKey("key", "new"));
}
public void VerifySucceeds_CallsNotificationService()
{
var sub = new MockUserAccountService();
sub.NotificationService = new Mock<INotificationService>();
var account = new MockUserAccount();
sub.Mock.Setup(x => x.GetByVerificationKey(It.IsAny<string>())).Returns(account.Object);
account.Setup(x => x.VerifyAccount(It.IsAny<string>())).Returns(true);
sub.Object.VerifyAccount("key");
sub.NotificationService.Verify(x => x.SendAccountVerified(account.Object));
}
public void PasswordIncorrect_IncrementsLastFailedCount()
{
var sub = new MockUserAccount();
sub.Object.IsAccountVerified = true;
sub.Object.IsLoginAllowed = true;
sub.Setup(x => x.HasTooManyRecentPasswordFailures(It.IsAny<int>(), It.IsAny<TimeSpan>()))
.Returns(false);
sub.Setup(x => x.VerifyHashedPassword(It.IsAny<string>())).Returns(false);
var now = new DateTime(2000, 2, 3);
sub.Setup(x => x.UtcNow).Returns(now);
sub.Object.FailedLoginCount = 3;
var result = sub.Object.Authenticate("pass", 10, TimeSpan.FromMinutes(5));
Assert.AreEqual(4, sub.Object.FailedLoginCount);
}