/// <summary>
/// Signs the moderator test account in through the Identity sign-in system using its cookie,
/// then checks the resulting role flags: Moderator is granted, Editor is not.
/// </summary>
public void Test02SignUserInViaIdentityCookie()
{
    const string policy = "http://identity/policies/dna/adult";
    const int siteID = 1;

    FullInputContext inputContext = new FullInputContext(true);
    CallingUser caller = new CallingUser(SignInSystem.Identity, null, null, null, inputContext.SiteList);
    string moderatorCookie = TestUserAccounts.GetModeratorAccount.Cookie;

    // Authentication has to succeed before any role assertion means anything.
    bool signedIn = caller.IsUserSignedIn(moderatorCookie, policy, siteID, "");
    Assert.IsTrue(signedIn);

    // One positive and one negative role check: a moderator must not be reported as an editor.
    bool isModerator = caller.IsUserA(UserTypes.Moderator);
    Assert.IsTrue(isModerator);
    bool isEditor = caller.IsUserA(UserTypes.Editor);
    Assert.IsFalse(isEditor);
}
/// <summary>
/// Signs the moderator test account in through the Identity sign-in system (six-argument
/// <c>IsUserSignedIn</c> overload, no IP address, empty BBC uid) and checks that the
/// account is a Moderator but not an Editor.
/// </summary>
public void Test02SignUserInViaIdentityCookie()
{
    const string policy = "comment";
    const int siteID = 1;

    FullInputContext inputContext = new FullInputContext("");
    CallingUser caller = new CallingUser(
        SignInSystem.Identity,
        null,
        null,
        null,
        TestUserAccounts.GetModeratorAccount.UserName,
        inputContext.SiteList);
    string moderatorCookie = TestUserAccounts.GetModeratorAccount.Cookie;

    // Authentication has to succeed before any role assertion means anything.
    bool signedIn = caller.IsUserSignedIn(moderatorCookie, policy, siteID, "", null, Guid.Empty);
    Assert.IsTrue(signedIn);

    // One positive and one negative role check: a moderator must not be reported as an editor.
    bool isModerator = caller.IsUserA(UserTypes.Moderator);
    Assert.IsTrue(isModerator);
    bool isEditor = caller.IsUserA(UserTypes.Editor);
    Assert.IsFalse(isEditor);
}
/// <summary>
/// Returns the output stream for the calling user, blanking the identity-linked fields first
/// when the request is not flagged as secure.
/// </summary>
/// <param name="user">The calling user to write out. It is modified in place when
/// <c>IsSecureRequest</c> is false.</param>
/// <returns>Whatever <c>GetOutputStream</c> returns for the (possibly scrubbed) user.</returns>
private Stream AddCallingUserToOutputStream(CallingUser user)
{
    if (user.IsSecureRequest)
    {
        // Secure request: the user object goes out unchanged.
        return GetOutputStream(user);
    }

    // Non-secure request: clear the identifiers that link this account to external
    // identity providers so they are not written to the response.
    // NOTE(review): the scrub mutates the caller's object rather than a copy, so any code that
    // reads these fields from the same instance afterwards sees the blanked values.
    user.IdentityUserID = "";
    user.TeamID = 0;
    user.TwitterUserID = "";
    user.IdentityUserName = "";
    // The real synchronisation timestamp is replaced with the current local time.
    user.LastSynchronisedDate = DateTime.Now;

    return GetOutputStream(user);
}
/// <summary>
/// Builds a reduced view of the calling user for the given site. The full record is loaded
/// via <c>GetCallingUserInfoInternalFull</c> and only the fields on an explicit allow-list
/// (id, name, groups, status, site suffix) are copied onto a fresh <c>CallingUser</c>.
/// </summary>
/// <param name="sitename">Site name passed through to <c>GetCallingUserInfoInternalFull</c>.</param>
/// <returns>A new <c>CallingUser</c> carrying only the allow-listed fields.</returns>
private CallingUser GetCallingUserInfoInternal(string sitename)
{
    var fullUser = GetCallingUserInfoInternalFull(sitename);

    // Copy field by field instead of returning the full object: anything not listed here
    // stays at the default of the freshly constructed instance.
    return new CallingUser(SignInSystem.Identity, null, null, null, null, null)
    {
        UserID = fullUser.UserID,
        UserName = fullUser.UserName,
        UsersListOfGroups = fullUser.UsersListOfGroups,
        Status = fullUser.Status,
        SiteSuffix = fullUser.SiteSuffix
    };
}
/// <summary>
/// Signs the moderator test account in, confirms it is not yet in the "aces" group for the
/// site, adds it with <c>AddUserToGroup("Aces")</c> and confirms the membership is then reported.
/// </summary>
public void Test03SignUserInAndAddThemToAcesGroup()
{
    const string policy = "http://identity/policies/dna/adult";
    const int siteID = 1;

    FullInputContext inputContext = new FullInputContext(true);
    CallingUser caller = new CallingUser(SignInSystem.Identity, inputContext.ReaderCreator, null, null, inputContext.SiteList);
    string moderatorCookie = TestUserAccounts.GetModeratorAccount.Cookie;

    // Sign-in and baseline role.
    bool signedIn = caller.IsUserSignedIn(moderatorCookie, policy, siteID, "");
    Assert.IsTrue(signedIn);
    Assert.IsTrue(caller.IsUserA(UserTypes.Moderator));

    // Precondition: no group named exactly "aces" (case-sensitive comparison).
    bool inAcesBefore = caller.GetUsersGroupsForSite().Exists(g => g.Name == "aces");
    Assert.IsFalse(inAcesBefore);

    // The group is added as "Aces" and looked up as "aces" afterwards.
    bool added = caller.AddUserToGroup("Aces");
    Assert.IsTrue(added);

    bool inAcesAfter = caller.GetUsersGroupsForSite().Exists(g => g.Name == "aces");
    Assert.IsTrue(inAcesAfter);
}
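/// <summary>
/// Signs the moderator test account in, confirms it is not yet in the "aces" group for the
/// site, adds it with <c>AddUserToGroup("Aces")</c> and confirms the membership is then reported.
/// </summary>
/// <remarks>
/// Both membership checks compare the group name case-insensitively. Previously the
/// precondition compared case-sensitively against "aces" while the postcondition lower-cased
/// the name, so an account already in a group stored as "Aces" passed the precondition
/// vacuously and the test proved nothing about <c>AddUserToGroup</c>.
/// </remarks>
public void Test03SignUserInAndAddThemToAcesGroup()
{
    FullInputContext context = new FullInputContext("dotnetmoderator");
    SignInSystem signInType = SignInSystem.Identity;
    CallingUser user = new CallingUser(signInType, context.ReaderCreator, null, null, TestUserAccounts.GetModeratorAccount.UserName, context.SiteList);

    string cookie = TestUserAccounts.GetModeratorAccount.Cookie;
    string policy = "comment";
    int siteID = 1;

    // Sign-in and baseline role.
    Assert.IsTrue(user.IsUserSignedIn(cookie, policy, siteID, TestUserAccounts.GetModeratorAccount.UserName, null, Guid.Empty));
    Assert.IsTrue(user.IsUserA(UserTypes.Moderator));

    // Precondition: the account is in no group whose name matches "aces" in any casing.
    Assert.IsFalse(user.GetUsersGroupsForSite().Exists(x => string.Equals(x.Name, "aces", StringComparison.OrdinalIgnoreCase)));

    Assert.IsTrue(user.AddUserToGroup("Aces"));

    // Postcondition: same comparison as the precondition, so the two checks are symmetric.
    Assert.IsTrue(user.GetUsersGroupsForSite().Exists(x => string.Equals(x.Name, "aces", StringComparison.OrdinalIgnoreCase)));
}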
/// <summary>
/// With a non-kids site, IDv4 enabled and a UDNG URL configured, signs a normal user in via
/// the debug identity system and checks that the resulting site suffix is neither the
/// original site suffix nor the identity user name.
/// </summary>
public void UserDoesNotGetsUDNGNameSetFromDisplayNameForNonKidsSiteUsingIDv4()
{
    // Sign-in inputs.
    const string cookie = "debugcookie";
    const string policy = "u16comments";
    const int siteID = 1;
    string identityUserName = TestUserAccounts.GetNormalUserAccount.UserName;
    const string ipAddress = "0.0.0.0";
    Guid BBCUid = new Guid();

    // Scenario configuration handed to the mock setup.
    const string dnaUserName = "******";
    const string originalSiteSuffix = "OriginalSiteSuffix";
    const bool isKidsSite = false;
    const bool useIdV4 = true;
    const string useUDNG = "http://UDNG.bbc.co.uk";

    ICacheManager mockedCacheManager;
    IDnaDiagnostics mockedDiagnostics;
    ISiteList mockedSiteList;
    IDnaDataReaderCreator mockedCreator;
    SetupCallingUserSenario(
        siteID,
        dnaUserName,
        originalSiteSuffix,
        isKidsSite,
        useIdV4,
        useUDNG,
        out mockedCacheManager,
        out mockedDiagnostics,
        out mockedSiteList,
        out mockedCreator);
    _mocks.ReplayAll();

    // NOTE(review): this instance is never referenced again in the test; presumably it is
    // constructed for a side effect of the constructor - confirm.
    var bannedEmailList = new BannedEmails(mockedCreator, mockedDiagnostics, mockedCacheManager, new List<string>(), new List<string>());

    CallingUser callingUser = new CallingUser(SignInSystem.DebugIdentity, mockedCreator, mockedDiagnostics, null, identityUserName, mockedSiteList);

    bool signedIn = callingUser.IsUserSignedIn(cookie, policy, siteID, identityUserName, ipAddress, BBCUid);
    Assert.IsTrue(signedIn);

    // The suffix must have been replaced, and not by the identity user name.
    Assert.AreNotEqual(originalSiteSuffix, callingUser.SiteSuffix);
    Assert.AreNotEqual(identityUserName, callingUser.SiteSuffix);
}
/// <summary>
/// Runs the character-limit comment scenario as the super user test account, signed in over
/// the secure path (standard and secure cookies both supplied). The limit is not expected
/// to be asserted for this account.
/// </summary>
public void CommentCreate_WithCharLimit_SuperUser()
{
    // Super user account (the account name and cookies below all come from GetSuperUserAccount).
    ICallingUser superUser = new CallingUser(
        SignInSystem.DebugIdentity,
        null,
        null,
        null,
        TestUserAccounts.GetSuperUserAccount.UserName,
        _siteList);

    string cookie = TestUtils.TestUserAccounts.GetSuperUserAccount.Cookie;
    string secureCookie = TestUtils.TestUserAccounts.GetSuperUserAccount.SecureCookie;

    // NOTE(review): the boolean result of the sign-in is discarded, so a failed sign-in is
    // not detected at this point in the test.
    superUser.IsUserSignedInSecure(cookie, secureCookie, site.IdentityPolicy, site.SiteID, null, Guid.Empty);

    // false: the helper is told not to assert the character limit for this user.
    SetupforumAndTestCharLimit(superUser, false);
}
/// <summary>
/// Authorisation gate: lets the call proceed only when the calling user is a sub-editor,
/// an editor or a super user.
/// </summary>
/// <param name="callingUser">The user whose roles are checked.</param>
/// <exception cref="DnaWebProtocolException">Thrown with <c>ErrorType.NotAuthorized</c> when the
/// user holds none of the three roles.</exception>
private static void SubsOnly(CallingUser callingUser)
{
    // Roles are tested in the same order as before; the first match ends the check.
    if (callingUser.IsUserA(UserTypes.SubEditor))
    {
        return;
    }

    if (callingUser.IsUserA(BBC.Dna.Users.UserTypes.Editor))
    {
        return;
    }

    if (callingUser.IsUserA(BBC.Dna.Users.UserTypes.SuperUser))
    {
        return;
    }

    // No qualifying role: deny.
    throw new DnaWebProtocolException(ApiException.GetError(ErrorType.NotAuthorized));
}
/// <summary>
/// Validates and persists an article (new or existing), then applies the moderation and
/// visibility rules. Order of operations: edit-permission check, profanity check, URL
/// filter, email filter, create/update, forum archive status, moderation queueing,
/// hide/unhide, researcher update.
/// </summary>
/// <param name="site">Site the article belongs to; supplies the site id and moderation status.</param>
/// <param name="callingUser">User performing the save; their roles decide which filters and
/// moderation rules apply.</param>
/// <param name="article">Article to create or update; it is mutated and returned.</param>
/// <param name="siteName">Not read anywhere in this method body.</param>
/// <param name="isNewArticle">True to create the article, false to update an existing one.</param>
/// <param name="h2g2Id">Not read anywhere in this method body (<c>article.H2g2Id</c> is used instead).</param>
/// <returns>The same <paramref name="article"/> instance after it has been saved.</returns>
/// <exception cref="DnaWebProtocolException">Thrown when the user may not edit the article, or
/// when the URL or email filter rejects the content.</exception>
private Article SaveArticle(ISite site, CallingUser callingUser, Article article, string siteName, bool isNewArticle, int h2g2Id)
{
    // Check: does user have edit permission.
    // Only enforced for existing articles; creating a new article is not permission-checked here.
    if ((!isNewArticle) && !article.HasEditPermission(callingUser))
    {
        throw new DnaWebProtocolException(ApiException.GetError(ErrorType.UserDoesNotHavePermissionToEditArticle));
    }

    // Check: profanities. Runs for every caller regardless of role; it does not reject here,
    // it only sets moderateProfanities / matchingProfanity, which feed the moderation decision below.
    // 'terms' is filled by the call but never read again in this method.
    bool moderateProfanities = false;
    string matchingProfanity;
    List<Term> terms = null;
    CheckForProfanities(site, article.Subject + " " + article.GuideMLAsString, out moderateProfanities, out matchingProfanity, out terms);

    // Check: url filter. Applied only when the site option is on AND the caller is neither
    // an Editor nor a Notable; those two roles bypass the filter entirely.
    if ((siteList.GetSiteOptionValueBool(site.SiteID, "General", "IsURLFiltered")) && !((callingUser.IsUserA(UserTypes.Editor) || callingUser.IsUserA(UserTypes.Notable))))
    {
        List<string> nonAllowedMatches = new List<string>();
        UrlFilter urlFilter = new UrlFilter();
        UrlFilter.FilterState result = urlFilter.CheckForURLs(article.Subject + " " + article.GuideMLAsString, nonAllowedMatches, site.SiteID, readerCreator);
        if (result == UrlFilter.FilterState.Fail)
        {
            throw new DnaWebProtocolException(ApiException.GetError(ErrorType.ArticleContainsURLs));
        }
    }

    // Check: email filter. Same role bypass as the URL filter (Editor or Notable).
    if ((siteList.GetSiteOptionValueBool(site.SiteID, "Forum", "EmailAddressFilter")) && !((callingUser.IsUserA(UserTypes.Editor) || callingUser.IsUserA(UserTypes.Notable))))
    {
        if (EmailAddressFilter.CheckForEmailAddresses(article.Subject + " " + article.GuideMLAsString))
        {
            throw new DnaWebProtocolException(ApiException.GetError(ErrorType.ArticleContainsEmailAddress));
        }
    }

    // Persist. Note this happens before any moderation queueing or hiding further down.
    if (isNewArticle)
    {
        article.CreateNewArticle(cacheManager, readerCreator, callingUser.UserID, site.SiteID);
        // Users subscribed to this author should have their subscribed content updated.
        callingUser.UpdateUserSubscriptions(readerCreator, article.H2g2Id);
    }
    else // existing article
    {
        // Don't overwrite the existing editor of the article: keep the recorded editor id and
        // fall back to the calling user only when none is recorded (id 0).
        int editorId = 0;
        try
        {
            editorId = article.ArticleInfo.PageAuthor.Editor.user.UserId;
            if (editorId == 0)
            {
                editorId = callingUser.UserID;
            }
        }
        // NOTE(review): bare catch - any exception raised while walking the property chain
        // (not just a missing editor) silently makes the calling user the editor.
        catch
        {
            editorId = callingUser.UserID;
        }
        article.UpdateArticle(cacheManager, readerCreator, editorId);
    }

    // Set the archive status (Editors only).
    if (callingUser.IsUserA(UserTypes.Editor))
    {
        article.SetArticleForumArchiveStatus(readerCreator, false);
    }

    // Gather every condition that can send the article to moderation.
    bool isSiteModerated = !(site.ModerationStatus == BBC.Dna.Moderation.Utils.ModerationStatus.SiteStatus.UnMod);
    bool isUserModerated = (callingUser.IsPreModerated || callingUser.IsPostModerated);
    bool isArticleModerated = ((article.ArticleInfo.ModerationStatus == BBC.Dna.Moderation.Utils.ModerationStatus.ArticleStatus.PreMod) || article.ArticleInfo.ModerationStatus == BBC.Dna.Moderation.Utils.ModerationStatus.ArticleStatus.PostMod);
    bool isArticleInModeration = article.IsArticleIsInModeration(readerCreator);
    bool isUserInSinbin = (callingUser.IsAutoSinBin == 1);
    // Users with special edit permissions on this article skip the moderation queue
    // altogether, including when the profanity check flagged the content.
    bool isUserImmuneFromModeration = callingUser.HasSpecialEditPermissions(article.H2g2Id);

    // Queue the article for moderation if any one of the conditions holds.
    int modID = 0;
    if (!isUserImmuneFromModeration)
    {
        if (isSiteModerated || isUserModerated || isArticleModerated || isArticleInModeration || moderateProfanities || isUserInSinbin)
        {
            // The matched profanity, when there is one, is passed along as the moderation notes.
            if (!String.IsNullOrEmpty(matchingProfanity))
            {
                matchingProfanity = "Profanities: " + matchingProfanity;
            }
            article.QueueForModeration(readerCreator, matchingProfanity, ref modID);
        }
    }

    // Apply visibility from the article's current HiddenStatus.
    // NOTE(review): this block does not look at the moderation flags above; presumably
    // QueueForModeration updates HiddenStatus where the article must be hidden - confirm.
    if (article.HiddenStatus == (int)BBC.Dna.Moderation.Utils.CommentStatus.Hidden.NotHidden)
    {
        // visible
        article.UnhideArticle(readerCreator, 0, 0, callingUser.UserID);
    }
    else
    {
        // hidden
        article.HideArticle(readerCreator, 0, 0, callingUser.UserID);
    }

    article.UpdateResearchers(readerCreator);
    return article;
}
/// <summary>
/// Signs the normal-user test account in through Identity and checks its role flags:
/// NormalUser is granted and none of the elevated roles (SuperUser, Moderator, Editor,
/// Notable) are.
/// </summary>
public void Test04CheckSignedInNormalUserBelongsToTheCorrectGroups()
{
    const string policy = "http://identity/policies/dna/adult";
    const int siteID = 1;

    FullInputContext inputContext = new FullInputContext(true);
    CallingUser caller = new CallingUser(SignInSystem.Identity, null, null, null, inputContext.SiteList);
    string normalUserCookie = TestUserAccounts.GetNormalUserAccount.Cookie;

    bool signedIn = caller.IsUserSignedIn(normalUserCookie, policy, siteID, "");
    Assert.IsTrue(signedIn);

    // The only role the account should hold.
    Assert.IsTrue(caller.IsUserA(UserTypes.NormalUser), "User should be a normal user");

    // Negative checks: every elevated role must be denied to an ordinary account.
    Assert.IsFalse(caller.IsUserA(UserTypes.SuperUser), "User should not be a super user");
    Assert.IsFalse(caller.IsUserA(UserTypes.Moderator), "User should not be a moderator");
    Assert.IsFalse(caller.IsUserA(UserTypes.Editor), "User should not be a editor");
    Assert.IsFalse(caller.IsUserA(UserTypes.Notable), "User should not be a notable");
}
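/// <summary>
/// Resolves the user making the request. The user is authenticated from the request cookies
/// (SSO when the site has no identity policy, Identity otherwise); if that fails and the
/// forum allows not-signed-in commenting, the forum's configured not-signed-in user is
/// loaded instead.
/// </summary>
/// <param name="site">Site the request targets. When null no authentication is attempted and
/// the call fails with <c>MissingUserCredentials</c>.</param>
/// <param name="forum">Forum being commented on. It is consulted only when cookie
/// authentication did not succeed; a null forum means no not-signed-in fallback.</param>
/// <returns>A signed-in <c>CallingUser</c>, or the forum's not-signed-in user.</returns>
/// <exception cref="DnaWebProtocolException">
/// <c>FailedTermsAndConditions</c> when the user is signed in but not logged in;
/// <c>MissingUserCredentials</c> when no user could be established.
/// </exception>
protected CallingUser GetCallingUserOrNotSignedInUser(ISite site, Forum forum)
{
    CallingUser callingUser = null;
    bool userSignedIn = false;

    if (site != null)
    {
        if (String.IsNullOrEmpty(site.IdentityPolicy))
        {
            // No identity policy configured: authenticate against SSO with the SSO2-UID cookie.
            callingUser = new CallingUser(SignInSystem.SSO, readerCreator, dnaDiagnostic, cacheManager, debugDnaUserId, siteList);
            userSignedIn = callingUser.IsUserSignedIn(QueryStringHelper.GetCookieValueAsString("SSO2-UID", ""), site.SSOService, site.SiteID, "", _iPAddress, bbcUidCookie);
        }
        else
        {
            // Identity: both the standard and the HTTPS-only cookie are handed to the secure sign-in check.
            callingUser = new CallingUser(SignInSystem.Identity, readerCreator, dnaDiagnostic, cacheManager, debugDnaUserId, siteList);
            userSignedIn = callingUser.IsUserSignedInSecure(QueryStringHelper.GetCookieValueAsString("IDENTITY", ""), QueryStringHelper.GetCookieValueAsString("IDENTITY-HTTPS", ""), site.IdentityPolicy, site.SiteID, _iPAddress, bbcUidCookie);
        }

        // Check to see if we've got a user who's signed in, but not logged in.
        // This usually means they haven't agreed to the T&Cs.
        if (callingUser.GetSigninStatus == CallingUser.SigninStatus.SignedInNotLoggedIn)
        {
            throw new DnaWebProtocolException(new ApiException(site.IdentityPolicy, ErrorType.FailedTermsAndConditions));
        }
    }

    // Not-signed-in fallback. callingUser is non-null only when site was non-null, so the
    // extra guard stops a null site (or null forum) from being dereferenced here; those cases
    // now fall through to MissingUserCredentials instead of a NullReferenceException.
    if (callingUser != null && !userSignedIn
        && forum != null && forum.allowNotSignedInCommenting && forum.NotSignedInUserId != 0)
    {
        userSignedIn = callingUser.CreateUserFromDnaUserID(forum.NotSignedInUserId, site.SiteID);
    }

    // Fail closed: with neither a signed-in user nor a permitted fallback the request is rejected.
    if (callingUser == null || !userSignedIn)
    {
        throw new DnaWebProtocolException(ApiException.GetError(ErrorType.MissingUserCredentials));
    }

    return callingUser;
}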
/// <summary>
/// Signs the moderator test account in through Identity and checks its role flags:
/// NormalUser and Moderator are granted; SuperUser, Editor and Notable are not.
/// </summary>
public void Test07CheckSignedInModeratorBelongsToTheCorrectGroups()
{
    const string policy = "comment";
    const int siteID = 1;

    FullInputContext inputContext = new FullInputContext("");
    CallingUser caller = new CallingUser(
        SignInSystem.Identity,
        null,
        null,
        null,
        TestUserAccounts.GetModeratorAccount.UserName,
        inputContext.SiteList);
    string moderatorCookie = TestUserAccounts.GetModeratorAccount.Cookie;

    bool signedIn = caller.IsUserSignedIn(moderatorCookie, policy, siteID, "", null, Guid.Empty);
    Assert.IsTrue(signedIn);

    // Role checks stay in the original order; the negative ones confirm that the moderator
    // role does not imply any of the other elevated roles.
    Assert.IsTrue(caller.IsUserA(UserTypes.NormalUser), "User should be a normal user");
    Assert.IsFalse(caller.IsUserA(UserTypes.SuperUser), "User should not be a super user");
    Assert.IsTrue(caller.IsUserA(UserTypes.Moderator), "User should be a moderator");
    Assert.IsFalse(caller.IsUserA(UserTypes.Editor), "User should not be a editor");
    Assert.IsFalse(caller.IsUserA(UserTypes.Notable), "User should not be a notable");
}