public void UserCannotElevateGroupPrivilegeTest()
{
// test that leaving a group with a single owner orphans it correctly to the admin
WebGroupService.TransitAccountGroup t_instance = GetTransitInstance();
t_instance.Id = Create(GetAdminTicket(), t_instance);
// join a user to a group
WebGroupService.TransitAccountGroupAccount t_account = new WebGroupService.TransitAccountGroupAccount();
t_account.AccountGroupId = t_instance.Id;
t_account.AccountId = _user.id;
t_account.IsAdministrator = false;
t_account.Id = EndPoint.CreateOrUpdateAccountGroupAccount(GetAdminTicket(), t_account);
Console.WriteLine("Joined: {0}", t_account.Id);
// attempt to elevate
try
{
t_account.IsAdministrator = true;
EndPoint.CreateOrUpdateAccountGroupAccount(_user.ticket, t_account);
Assert.IsTrue(false, "Expected Access Denied exception.");
}
catch (Exception ex)
{
Console.WriteLine("Exception: {0}", ex.Message);
Assert.AreEqual("System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> SnCore.Services.ManagedAccount+AccessDeniedException: Access denied",
ex.Message.Split("\n".ToCharArray(), 2)[0],
string.Format("Unexpected exception: {0}", ex.Message));
}
Delete(GetAdminTicket(), t_instance.Id);
}
public void CreateOrUpdateAccountGroupPictureTest()
{
// make sure only members can add a picture to a group
WebGroupService.TransitAccountGroupPicture t_instance = GetTransitInstance();
t_instance.AccountId = _user.id;
try
{
// make sure the user is not a member of the group
Assert.IsNull(EndPoint.GetAccountGroupAccountByAccountGroupId(
GetAdminTicket(), _user.id, _group_id));
// create the account group picture
EndPoint.CreateOrUpdateAccountGroupPicture(_user.ticket, t_instance);
Assert.IsTrue(false, "Expected Access Denied exception.");
}
catch (Exception ex)
{
Console.WriteLine("Exception: {0}", ex.Message);
Assert.AreEqual("System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> SnCore.Services.ManagedAccount+AccessDeniedException: Access denied",
ex.Message.Split("\n".ToCharArray(), 2)[0],
string.Format("Unexpected exception: {0}", ex.Message));
}
// the user joins the group
WebGroupService.TransitAccountGroupAccount t_accountinstance = new WebGroupService.TransitAccountGroupAccount();
t_accountinstance.AccountGroupId = _group_id;
t_accountinstance.AccountId = _user.id;
t_accountinstance.IsAdministrator = false;
t_accountinstance.Id = EndPoint.CreateOrUpdateAccountGroupAccount(GetAdminTicket(), t_accountinstance);
Assert.AreNotEqual(0, t_accountinstance.Id);
// check that the user now can add a picture
t_instance.Id = EndPoint.CreateOrUpdateAccountGroupPicture(_user.ticket, t_instance);
Assert.AreNotEqual(0, t_instance.Id);
}
public void CreateOrUpdateAccountGroupAccountInvitationTest()
{
string email = GetNewEmailAddress();
AccountTest _account = new AccountTest();
WebAccountService.TransitAccount t_user = _account.GetTransitInstance();
t_user.Id = _account.EndPoint.CreateAccount(string.Empty, email, t_user);
Assert.AreNotEqual(0, t_user.Id);
Console.WriteLine("Created account: {0}", t_user.Id);
// only members can create invitations
WebGroupService.TransitAccountGroupAccountInvitation t_instance = GetTransitInstance();
t_instance.AccountId = t_user.Id;
t_instance.RequesterId = _user.id;
try
{
// make sure the user is not a member of the group
Assert.IsNull(EndPoint.GetAccountGroupAccountByAccountGroupId(
GetAdminTicket(), _user.id, _group_id));
// create the account group invitation
EndPoint.CreateOrUpdateAccountGroupAccountInvitation(_user.ticket, t_instance);
Assert.IsTrue(false, "Expected Access Denied exception.");
}
catch (Exception ex)
{
Console.WriteLine("Exception: {0}", ex.Message);
Assert.AreEqual("System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> SnCore.Services.ManagedAccount+AccessDeniedException: Access denied",
ex.Message.Split("\n".ToCharArray(), 2)[0],
string.Format("Unexpected exception: {0}", ex.Message));
}
// the user joins the group
WebGroupService.TransitAccountGroupAccount t_accountinstance = new WebGroupService.TransitAccountGroupAccount();
t_accountinstance.AccountGroupId = _group_id;
t_accountinstance.AccountId = _user.id;
t_accountinstance.IsAdministrator = false;
t_accountinstance.Id = EndPoint.CreateOrUpdateAccountGroupAccount(GetAdminTicket(), t_accountinstance);
// make sure the invitation can be now sent
t_instance.Id = EndPoint.CreateOrUpdateAccountGroupAccountInvitation(_user.ticket, t_instance);
Assert.AreNotEqual(0, t_instance.Id);
// TODO: make sure another user can't see invitation
}
public void CreateOrUpdateAccountGroupExistingAccountInvitationTest()
{
// the user joins the group
WebGroupService.TransitAccountGroupAccount t_accountinstance = new WebGroupService.TransitAccountGroupAccount();
t_accountinstance.AccountGroupId = _group_id;
t_accountinstance.AccountId = _user.id;
t_accountinstance.IsAdministrator = false;
t_accountinstance.Id = EndPoint.CreateOrUpdateAccountGroupAccount(GetAdminTicket(), t_accountinstance);
Assert.AreNotEqual(0, t_accountinstance.Id);
// this is the same user that is already a member of the group
try
{
WebGroupService.TransitAccountGroupAccountInvitation t_instance = GetTransitInstance();
t_instance.AccountId = _user.id;
t_instance.Id = EndPoint.CreateOrUpdateAccountGroupAccountInvitation(_user.ticket, t_instance);
Assert.IsTrue(false, "Expected user is already a member of the group exception.");
}
catch (Exception ex)
{
Console.WriteLine("Exception: {0}", ex.Message);
Assert.IsTrue(ex.Message.Contains("is already a member of"), string.Format("Unexpected exception: {0}", ex.Message));
}
}
public void AcceptAccountGroupAccountInvitationAdminRequesterTest()
{
// update the group to private
WebGroupService.TransitAccountGroup t_group = EndPoint.GetAccountGroupById(GetAdminTicket(), _group_id);
t_group.IsPrivate = true;
EndPoint.CreateOrUpdateAccountGroup(GetAdminTicket(), t_group);
Console.WriteLine("Updated group to private: {0}", _group_id);
// create an invitatoin for user
WebGroupService.TransitAccountGroupAccountInvitation t_instance = new WebGroupService.TransitAccountGroupAccountInvitation();
t_instance.AccountGroupId = _group_id;
t_instance.AccountId = _user.id;
t_instance.RequesterId = GetAdminAccount().Id;
t_instance.Message = GetNewString();
t_instance.Id = EndPoint.CreateOrUpdateAccountGroupAccountInvitation(GetAdminTicket(), t_instance);
Console.WriteLine("Created invitation: {0}", t_instance.Id);
// make sure the user isn't member of the group
Assert.IsNull(EndPoint.GetAccountGroupAccountByAccountGroupId(GetAdminTicket(), _user.id, _group_id));
// get the pending group membership requests
WebGroupService.TransitAccountGroupAccountRequest[] requests1 = EndPoint.GetAccountGroupAccountRequests(
GetAdminTicket(), _group_id, null);
Console.WriteLine("Pending requests: {0}", requests1.Length);
// accept invitation
EndPoint.AcceptAccountGroupAccountInvitation(_user.ticket, t_instance.Id, GetNewString());
// since the invitation comes from a group admin, this has not created a new request on the group
WebGroupService.TransitAccountGroupAccountRequest[] requests2 = EndPoint.GetAccountGroupAccountRequests(
GetAdminTicket(), _group_id, null);
Console.WriteLine("Pending requests: {0}", requests2.Length);
Assert.AreEqual(requests1.Length, requests2.Length);
// make sure the invitation was deleted
Assert.IsNull(EndPoint.GetAccountGroupAccountInvitationById(_user.ticket, t_instance.Id));
// make sure the user is member of the group
WebGroupService.TransitAccountGroupAccount t_account = EndPoint.GetAccountGroupAccountByAccountGroupId(GetAdminTicket(), _user.id, _group_id);
Assert.IsNotNull(t_account);
Console.WriteLine("Account: {0}", t_account.Id);
Assert.AreEqual(t_account.AccountId, _user.id);
}
public void AcceptAccountGroupAccountInvitationTest()
{
// login user
string email = GetNewEmailAddress();
AccountTest _account = new AccountTest();
WebAccountService.TransitAccount t_user = _account.GetTransitInstance();
t_user.Id = _account.EndPoint.CreateAccount(string.Empty, email, t_user);
Assert.AreNotEqual(0, t_user.Id);
Console.WriteLine("Created account: {0}", t_user.Id);
string userticket = _account.Login(email, t_user.Password);
// join user to group
WebGroupService.TransitAccountGroupAccount t_account = new WebGroupService.TransitAccountGroupAccount();
t_account.AccountGroupId = _group_id;
t_account.AccountId = t_user.Id;
t_account.IsAdministrator = false;
t_account.Id = EndPoint.CreateOrUpdateAccountGroupAccount(userticket, t_account);
Assert.AreNotEqual(0, t_account.Id);
Console.WriteLine("Joined user: {0}", t_account.Id);
// update the group to private
WebGroupService.TransitAccountGroup t_group = EndPoint.GetAccountGroupById(GetAdminTicket(), _group_id);
t_group.IsPrivate = true;
EndPoint.CreateOrUpdateAccountGroup(GetAdminTicket(), t_group);
Console.WriteLine("Updated group to private: {0}", _group_id);
// create an invitatoin for user
WebGroupService.TransitAccountGroupAccountInvitation t_instance = new WebGroupService.TransitAccountGroupAccountInvitation();
t_instance.AccountGroupId = _group_id;
t_instance.AccountId = _user.id;
t_instance.RequesterId = t_account.AccountId;
t_instance.Message = GetNewString();
t_instance.Id = EndPoint.CreateOrUpdateAccountGroupAccountInvitation(GetAdminTicket(), t_instance);
Console.WriteLine("Created invitation: {0}", t_instance.Id);
// make sure the user isn't member of the group
Assert.IsNull(EndPoint.GetAccountGroupAccountByAccountGroupId(GetAdminTicket(), _user.id, _group_id));
// get the pending group membership requests
WebGroupService.TransitAccountGroupAccountRequest[] requests1 = EndPoint.GetAccountGroupAccountRequests(
GetAdminTicket(), _group_id, null);
Console.WriteLine("Pending requests: {0}", requests1.Length);
// accept invitation
EndPoint.AcceptAccountGroupAccountInvitation(_user.ticket, t_instance.Id, GetNewString());
// this has created a new request on the group, it should be +1
WebGroupService.TransitAccountGroupAccountRequest[] requests2 = EndPoint.GetAccountGroupAccountRequests(
GetAdminTicket(), _group_id, null);
Console.WriteLine("Pending requests: {0}", requests2.Length);
Assert.AreEqual(requests1.Length + 1, requests2.Length);
// make sure there's an AccountId in the requests for the user
WebGroupService.TransitAccountGroupAccountRequest request = null;
Assert.IsTrue(new TransitServiceCollection <WebGroupService.TransitAccountGroupAccountRequest>(requests2).ContainsId(
_user.id, "AccountId", out request));
Assert.IsNotNull(request);
Console.WriteLine("New request: {0}", request.Id);
// accept the request by admin
EndPoint.AcceptAccountGroupAccountRequest(GetAdminTicket(), request.Id, GetNewString());
// make sure the invitation was deleted
Assert.IsNull(EndPoint.GetAccountGroupAccountInvitationById(_user.ticket, t_instance.Id));
// make sure the request cannot be found any more
WebGroupService.TransitAccountGroupAccountRequest[] requests3 = EndPoint.GetAccountGroupAccountRequests(
GetAdminTicket(), _group_id, null);
Console.WriteLine("Pending requests: {0}", requests3.Length);
Assert.AreEqual(requests1.Length, requests3.Length);
// make sure the user is member of the group
WebGroupService.TransitAccountGroupAccount t_groupaccount = EndPoint.GetAccountGroupAccountByAccountGroupId(
GetAdminTicket(), _user.id, _group_id);
Assert.IsNotNull(t_groupaccount);
Console.WriteLine("Account: {0}", t_groupaccount.Id);
Assert.AreEqual(t_groupaccount.AccountId, _user.id);
_account.Delete(GetAdminTicket(), t_user.Id);
}
public void GetAccountGroupDiscussionTest()
{
// make sure that anyone can access a discussion of a public group
// create a public group
WebGroupService.TransitAccountGroup t_group = GetTransitInstance();
t_group.IsPrivate = false;
t_group.Id = Create(GetAdminTicket(), t_group);
// fetch the discussion
WebDiscussionService.WebDiscussionService discussionendpoint = new WebDiscussionService.WebDiscussionService();
int discussion_id = discussionendpoint.GetOrCreateDiscussionId(GetAdminTicket(), "AccountGroup", t_group.Id);
Console.WriteLine("Discussion: {0}", discussion_id);
Assert.AreNotEqual(0, discussion_id);
// make sure a regular user can't post a thread (must be member of a group)
try
{
WebDiscussionService.TransitDiscussionPost t_post1 = new WebDiscussionService.TransitDiscussionPost();
t_post1.AccountId = _user.id;
t_post1.DiscussionId = discussion_id;
t_post1.DiscussionThreadId = 0;
t_post1.Subject = GetNewString();
t_post1.Body = GetNewString();
t_post1.Id = discussionendpoint.CreateOrUpdateDiscussionPost(_user.ticket, t_post1);
Console.WriteLine("Post: {0}", t_post1.Id);
Assert.IsFalse(true, "Expected an Access Denied exception.");
}
catch (Exception ex)
{
Console.WriteLine("Exception: {0}", ex.Message);
Assert.AreEqual("System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> SnCore.Services.ManagedAccount+AccessDeniedException: Access denied",
ex.Message.Split("\n".ToCharArray(), 2)[0],
string.Format("Unexpected exception: {0}", ex.Message));
}
// post a new thread (as admin)
WebDiscussionService.TransitDiscussionPost t_post2 = new WebDiscussionService.TransitDiscussionPost();
t_post2.AccountId = GetAdminAccount().Id;
t_post2.DiscussionId = discussion_id;
t_post2.DiscussionThreadId = 0;
t_post2.Subject = GetNewString();
t_post2.Body = GetNewString();
t_post2.Id = discussionendpoint.CreateOrUpdateDiscussionPost(GetAdminTicket(), t_post2);
Console.WriteLine("Post: {0}", t_post2.Id);
// make sure regular users can't read posts from a public discussion
try
{
WebDiscussionService.TransitDiscussionPost t_post3 = discussionendpoint.GetDiscussionPostById(
_user.ticket, t_post2.Id);
Console.WriteLine("Post: {0}", t_post3.Id);
Assert.IsFalse(true, "Expected an Access Denied exception.");
}
catch (Exception ex)
{
Console.WriteLine("Exception: {0}", ex.Message);
Assert.AreEqual("System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> SnCore.Services.ManagedAccount+AccessDeniedException: Access denied",
ex.Message.Split("\n".ToCharArray(), 2)[0],
string.Format("Unexpected exception: {0}", ex.Message));
}
// join the user to the group
WebGroupService.TransitAccountGroupAccount t_account = new WebGroupService.TransitAccountGroupAccount();
t_account.AccountGroupId = t_group.Id;
t_account.AccountId = _user.id;
t_account.IsAdministrator = false;
t_account.Id = EndPoint.CreateOrUpdateAccountGroupAccount(GetAdminTicket(), t_account);
Console.WriteLine("Joined: {0}", t_account.Id);
Assert.AreNotEqual(0, t_account.Id);
// the user now can retrieve the post
WebDiscussionService.TransitDiscussionPost t_post4 = discussionendpoint.GetDiscussionPostById(
_user.ticket, t_post2.Id);
Console.WriteLine("Post: {0}", t_post4.Id);
// done
Delete(GetAdminTicket(), t_group.Id);
}
