public void MaskPasswordTest()
        {
            var tests = new ListOfTuples <string, string[]>
            {
                // Format: connection string, expected content.
                { "Server=tcp:name.database.windows.net,1433;Initial Catalog=RhetosAzureDB;Persist Security Info=False;User ID=jjj;Password=jjj;MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=False;Connection Timeout=30;",
                  new[] { "tcp:name.database.windows.net,1433", "RhetosAzureDB" } },
                { "Data Source=localhost;Initial Catalog=Rhetos;Integrated Security=SSPI;",
                  new[] { "localhost", "Rhetos" } },
                { "User Id=jjj;Password=jjj;Data Source=localhost:1521/xe;",
                  new[] { "localhost:1521/xe" } },
                { "User Id=jjj;Password='******';Data Source=localhost:1521/xe;",
                  new[] { "localhost:1521/xe" } },
                { "User Id=jjj;Password=\"jjj;jjj=jjj\";Data Source=localhost:1521/xe;",
                  new[] { "localhost:1521/xe" } },
                { "';[]=-",
                  Array.Empty <string>() },
            };

            foreach (var test in tests)
            {
                Console.WriteLine(test.Item1);
                string report = SqlUtility.SqlConnectionInfo(test.Item1);
                Console.WriteLine("=> " + report);

                TestUtility.AssertNotContains(report, "j", "Username or password leaked.");
                if (test.Item2.Any())
                {
                    TestUtility.AssertContains(report, test.Item2);
                }
            }
        }
Example #2
0
        public void OptimizeInGuid()
        {
            using (var container = new RhetosTestContainer())
            {
                var context    = container.Resolve <Common.ExecutionContext>();
                var repository = context.Repository;

                var s1 = new TestGenericFilter.Simple {
                    Name = "s1"
                };
                var s2 = new TestGenericFilter.Simple {
                    Name = "s2"
                };
                var s3 = new TestGenericFilter.Simple {
                    Name = "s3"
                };
                var s4 = new TestGenericFilter.Simple {
                    Name = "s4"
                };
                repository.TestGenericFilter.Simple.Insert(s1, s2, s3, s4);

                var c1 = new TestGenericFilter.Child {
                    Name = "c1", ParentID = s1.ID
                };
                var c2 = new TestGenericFilter.Child {
                    Name = "c2", ParentID = s2.ID
                };
                var c3 = new TestGenericFilter.Child {
                    Name = "c3", ParentID = s3.ID
                };
                var c4 = new TestGenericFilter.Child {
                    Name = "c4", ParentID = s4.ID
                };
                repository.TestGenericFilter.Child.Insert(c1, c2, c3, c4);

                var filter = new[]
                {
                    new FilterCriteria("ID", "in", new List <Guid> {
                        c1.ID, c2.ID, c3.ID, c4.ID
                    }),
                    new FilterCriteria("ID", "notin", new List <Guid> {
                        c1.ID
                    }),
                    new FilterCriteria("ParentID", "notin", new List <Guid> {
                        s2.ID
                    }),
                };

                var q   = repository.TestGenericFilter.Child.Query(filter);
                var sql = q.ToString();
                Console.WriteLine(sql);
                Assert.AreEqual("c3, c4", TestUtility.DumpSorted(q, c => c.Name));

                TestUtility.AssertNotContains(q.ToString(), c3.ID.ToString(), "Optimized ID 'in'.");
                TestUtility.AssertNotContains(q.ToString(), c1.ID.ToString(), "Optimized ID 'notin'.");
                TestUtility.AssertNotContains(q.ToString(), s2.ID.ToString(), "Optimized ParentID 'notin'.");
            }
        }
Example #3
0
        public void InvalidConnectionStringFormat()
        {
            string invalidConnectionString = "<ENTER_CONNECTION_STRING_HERE>";

            var ex = TestUtility.ShouldFail <ArgumentException>(
                () => ConnectionTesting.ValidateDbConnection(invalidConnectionString, null),
                "Database connection string has invalid format",
                "ConnectionStrings:RhetosConnectionString");

            TestUtility.AssertNotContains(
                ex.ToString(),
                new[] { invalidConnectionString },
                "The connection string should not be reported in the error message or error log, because it could contain a password.");
        }
Example #4
0
        public void AfterCloseFailed()
        {
            var    id1       = Guid.NewGuid();
            var    log       = new List <string>();
            var    systemLog = new List <string>();
            string testName  = TestNamePrefix + Guid.NewGuid();

            using (var scope = RhetosProcessHelper.CreateScope(builder =>
                                                               builder.AddLogMonitor(systemLog, EventType.Trace)))
            {
                var transaction = scope.Resolve <IPersistenceTransaction>();
                transaction.BeforeClose += () => log.Add("before");
                transaction.AfterClose  += () => log.Add("after1");
                transaction.AfterClose  += () => throw new InvalidOperationException(testName);
                transaction.AfterClose  += () => log.Add("after2");

                var repository = scope.Resolve <Common.DomRepository>();
                repository.TestEntity.BaseEntity.Insert(new TestEntity.BaseEntity {
                    ID = id1, Name = testName
                });

                TestUtility.ShouldFail <InvalidOperationException>(
                    () => scope.CommitAndClose(),
                    testName);

                TestUtility.AssertNotContains(
                    string.Join(Environment.NewLine, systemLog),
                    new[] { "Rolling back transaction" });

                TestUtility.ShouldFail <FrameworkException>(
                    () => Assert.IsNull(transaction.Connection),
                    "Trying to use the Connection property of a disposed persistence transaction.");
            }

            Assert.AreEqual("before, after1", TestUtility.Dump(log));

            using (var scope = RhetosProcessHelper.CreateScope())
            {
                var context = scope.Resolve <Common.ExecutionContext>();
                Assert.IsTrue(context.Repository.TestEntity.BaseEntity.Query(new[] { id1 }).Any());
            }
        }
Example #5
0
        public void OptimizedInheritingRowPermissions()
        {
            using (var scope = TestScope.Create())
            {
                var context    = scope.Resolve <Common.ExecutionContext>();
                var repository = context.Repository;

                var    query = repository.DemoRowPermissions2.DocumentInfo.Query();
                string rowPermissionFilter = repository.DemoRowPermissions2.DocumentInfo
                                             .GetRowPermissionsReadExpression(query, repository, context)
                                             .ToString();
                Console.WriteLine("[Row permission filter] " + rowPermissionFilter);

                TestUtility.AssertNotContains(rowPermissionFilter, "documentinfoItem.Base.Division",
                                              "SamePropertyValue concept should optimize row permissions to use Division property directly on 'DocumentInfo', instead of referencing the base entity 'Document'.");

                TestUtility.AssertContains(rowPermissionFilter, "documentinfoItem.Division2",
                                           "Internal error: Division2 property should be used in this row permissions.");
            }
        }
Example #6
0
        public void SerializationMustNotDependOnClientOrServerDllName()
        {
            using (var container = new RhetosTestContainer())
            {
                var item = new TestDataStructure.SimpleDataStructure2 {
                    SimpleShortString = "abc"
                };
                string xml = container.Resolve <XmlUtility>().SerializeToXml(item);
                Console.WriteLine(xml);

                var type = typeof(TestDataStructure.SimpleDataStructure2);
                Console.WriteLine();
                Console.WriteLine(type.AssemblyQualifiedName);
                TestUtility.AssertNotContains(xml, type.AssemblyQualifiedName);

                var dllName = type.Assembly.FullName.Split(',')[0];
                Console.WriteLine();
                Console.WriteLine("dll: \"" + dllName + "\"");
                TestUtility.AssertNotContains(xml, dllName);
            }
        }
Example #7
0
        public void OptimizeEqualsGuidTest()
        {
            using (var container = new RhetosTestContainer())
            {
                var repository = container.Resolve <Common.DomRepository>();
                var id         = Guid.NewGuid();

                var sqlQuery1 = repository.TestGenericFilter.Child.Query(new FilterCriteria("ID", "equals", id)).ToString();
                TestUtility.AssertNotContains(sqlQuery1, id.ToString());

                var sqlQuery2 = repository.TestGenericFilter.Child.Query(new FilterCriteria("ParentID", "equals", id)).ToString();
                TestUtility.AssertNotContains(sqlQuery2, id.ToString());

                var nullableId = new Nullable <Guid>(Guid.NewGuid());
                var sqlQuery3  = repository.TestGenericFilter.Child.Query(new FilterCriteria("ID", "equals", nullableId)).ToString();
                TestUtility.AssertNotContains(sqlQuery3, nullableId.Value.ToString());

                var sqlQuery4 = repository.TestGenericFilter.Child.Query(new FilterCriteria("ParentID", "equals", nullableId)).ToString();
                TestUtility.AssertNotContains(sqlQuery4, nullableId.Value.ToString());
            }
        }