public void ActivateWithExpiredDateThrowException() { // Arrange var stubUserDao = MockRepository.GenerateStub<IUserExtensionDao>(); stubUserDao.Stub(userExtDao => userExtDao.GetByKey(USER_TEST_ID)).Return(new UserExtension { UserId = USER_TEST_ID, UserStatusCode = USER_STATUS_CREATEDCODE }); var membershipMock = MockRepository.GenerateMock<IMembership>(); membershipMock.Stub(mbs => mbs.GetUser(USER_TEST_ID)).Return(dummyMembershipUser); accountManager.UserExtensionDao = stubUserDao; accountManager.Membership = membershipMock; ActivationToken token = new ActivationToken { UserId = USER_TEST_ID, ExpiryDate = DateTime.Now.AddHours(-1), TypeCode = ACTIVATION_TYPE_CODE, Version = CURRENT_VERSION }; string encryptedToken = accountManager.CreateActivationToken(token); ActivationRequest validActivationRequest = new ActivationRequest { Answer = SECURITY_ANSWER, SecurityQuestionId = SECURITY_QUESTION_ID, Password = PASSWORD, Token = encryptedToken }; try { //Act string userName = accountManager.Activate(validActivationRequest); // Assert Assert.Fail("An exception SRVEX30067 of type ValidationException should have been thrown"); } catch (ValidationException ex) { // Assert Assert.AreEqual(Errors.SRVEX30067.ToString(), ex.Code, "The Validation exception is not returning the right error code"); } }
public void ActivateWithCorrectTokenReturnTrue() { // Arrange var mockUserDao = MockRepository.GenerateMock<IUserExtensionDao>(); var membershipMock = MockRepository.GenerateMock<IMembership>(); membershipMock.Stub(mbs => mbs.GetUser(USER_TEST_ID)).Return(dummyMembershipUser); mockUserDao.Expect(userExtDao => userExtDao.Modify(Arg<UserExtension>.Is.Anything)).Return(true); mockUserDao.Stub(userExtDao => userExtDao.GetByKey(USER_TEST_ID)).Return(new UserExtension { UserId = USER_TEST_ID, UserStatusCode = USER_STATUS_CREATEDCODE }); accountManager.UserExtensionDao = mockUserDao; accountManager.Membership = membershipMock; ActivationToken token = new ActivationToken { UserId = USER_TEST_ID, ExpiryDate = DateTime.Now.AddDays(5), TypeCode = ACTIVATION_TYPE_CODE, Version = CURRENT_VERSION }; string encryptedToken = accountManager.CreateDefaultActivationToken(USER_TEST_ID); ActivationRequest validActivationRequest = new ActivationRequest { Answer = SECURITY_ANSWER, SecurityQuestionId = SECURITY_QUESTION_ID, Password = PASSWORD, Token = encryptedToken }; membershipMock.Expect(mbs => mbs.ChangePassword(dummyMembershipUser, validActivationRequest.Password)). Return(true); membershipMock.Expect( mbs => mbs.ChangeSecurityQuestionAndAnswer(dummyMembershipUser, validActivationRequest.Password, validActivationRequest.SecurityQuestionId.ToString(), validActivationRequest.Answer)).Return(true); //Act string userName = accountManager.Activate(validActivationRequest); //Assert Assert.IsNotNull(userName, "Check the Activate method return a valid response."); membershipMock.VerifyAllExpectations(); mockUserDao.VerifyAllExpectations(); }
public void ActivateWithUnknownUserThrowException() { // Arrange var stubUserDao = MockRepository.GenerateStub<IUserExtensionDao>(); stubUserDao.Stub(userExtDao => userExtDao.GetByKey(USER_TEST_ID)).Return(null); accountManager.UserExtensionDao = stubUserDao; ActivationToken token = new ActivationToken { UserId = USER_TEST_ID, ExpiryDate = DateTime.Now.AddHours(1), TypeCode = ACTIVATION_TYPE_CODE, Version = CURRENT_VERSION }; string encryptedToken = accountManager.CreateDefaultActivationToken(USER_TEST_ID); ActivationRequest validActivationRequest = new ActivationRequest { Answer = SECURITY_ANSWER, SecurityQuestionId = SECURITY_QUESTION_ID, Password = PASSWORD, Token = encryptedToken }; try { //Act string userName = accountManager.Activate(validActivationRequest); // Assert Assert.Fail("An exception SRVEX30064 of type ValidationException should have been thrown"); } catch (ValidationException ex) { // Assert Assert.AreEqual(Errors.SRVEX30064.ToString(), ex.Code, "The Validation exception is not returning the right error code"); } }
/// <summary> /// Activate a user based on the activation token, user extension and activation request /// </summary> /// <param name="userExtension">The user extension</param> /// <param name="activationRequest">The activation request</param> /// <returns>The activated user name</returns> private string ActivateUser(UserExtension userExtension, ActivationRequest activationRequest, string activationType) { MembershipUser user = membership.GetUser(userExtension.UserId); bool isUpdated = false; // NOTE: This condition seems to be wrong, because the return user.UserName statement at the end of this method could be called on a potentially null object. if (user != null) { using (BusinessTransaction tx = new BusinessTransaction()) { //unlock user if user is locked if (userExtension.UserStatusCode == UserStatusEnum.Locked.GetCode()) { user.UnlockUser(); } userExtension.UserStatusCode = USER_STATUS_ACTIVATED; bool isChangePassword = membership.ChangePassword(user, activationRequest.Password); bool isChangeQuestionAndAnswer = membership.ChangeSecurityQuestionAndAnswer( user, activationRequest.Password, activationRequest.SecurityQuestionId.ToString(), activationRequest.Answer); isUpdated = userExtensionDao.Modify(userExtension); if (activationType == RESETPASSWORD_TYPE_CODE) { userManager.RecordUserEvent(userExtension.UserId, UserEventTypesEnum.UserReActivated); } else if (activationType == ACTIVATION_TYPE_CODE) { userManager.RecordUserEvent(userExtension.UserId, UserEventTypesEnum.UserActivated); } if (isUpdated == false || isChangePassword == false || isChangeQuestionAndAnswer == false) { tx.Rollback(); } tx.Commit(); } } return user.UserName; }
/// <summary> /// Validate an activation/reset password token /// </summary> /// <param name="activationRequest">Activation request</param> /// <param name="activationType">The type of the activation (activation or reset password)</param> /// <returns>the user extension from the decrypted token</returns> private UserExtension ValidateToken(ActivationRequest activationRequest, out string activationType) { ActivationToken token = DecrypToken(activationRequest.Token); if (token == null) { throw new ValidationException(ErrorFactory.CreateAndLogError(Errors.SRVEX30066, "AccountManager.ValidateToken")); } if (DateTime.Now > token.ExpiryDate) { throw new ValidationException(ErrorFactory.CreateAndLogError(Errors.SRVEX30067, "AccountManager.ValidateToken", additionalDescriptionParameters: new object[] { token.UserId, token.ExpiryDate })); } UserExtension userExtension = userExtensionDao.GetByKey(token.UserId); if (userExtension == null) { throw new ValidationException(ErrorFactory.CreateAndLogError(Errors.SRVEX30064, "AccountManager.ValidateToken", additionalDescriptionParameters: new object[] { token.UserId, token.ExpiryDate })); } if (token.TypeCode == ACTIVATION_TYPE_CODE && userExtension.UserStatusCode != USER_STATUS_CREATEDCODE) { throw new ValidationException(ErrorFactory.CreateAndLogError(Errors.SRVEX30065, "AccountManager.ValidateToken", additionalDescriptionParameters: new object[] { token.UserId, userExtension.UserStatusCode })); } activationType = token.TypeCode; return userExtension; }
/// <summary> /// Validate the encrypted token /// </summary> /// <param name="activationRequest">Activation request</param> /// <returns>return true if valid</returns> public bool Validate(ActivationRequest activationRequest) { string activationType; return ValidateToken(activationRequest, out activationType) != null; }
/// <summary> /// Activate a user based on the activation request /// </summary> /// <param name="activationRequest">The activation request</param> /// <returns>The activated user name</returns> public string Activate(ActivationRequest activationRequest) { string activationType; UserExtension userExtension = ValidateToken(activationRequest, out activationType); if (userExtension != null) { return ActivateUser(userExtension, activationRequest, activationType); } return null; }