/// <summary>
/// Looks up the named user and hands the stored security answer and its salt to
/// <c>ScenarioContext.Current.SetHash</c> / <c>SetSalt</c>.
/// </summary>
/// <param name="userName">User name to look up; exactly one user must match.</param>
public void GivenIMakeANoteOfTheSecurityInformationAndSaltForUser(string userName)
{
    // Single() fails the step unless exactly one user carries this name.
    var matchedUser = SeDatabase.GetUsers().Single(candidate => candidate.UserName == userName);

    // The values recorded here are the security answer fields, not the password fields.
    ScenarioContext.Current.SetHash(matchedUser.SecurityAnswer);
    ScenarioContext.Current.SetSalt(matchedUser.SecurityAnswerSalt);
}
/// <summary>
/// Asserts that the named user has a password expiry date and that it lies before the current UTC time.
/// </summary>
/// <param name="userName">User name to look up; exactly one user must match.</param>
public void ThenTheUserHasThePasswordExpiryDateSet(string userName)
{
    var matchedUser = SeDatabase.GetUsers().Single(candidate => candidate.UserName == userName);
    var expiry = matchedUser.PasswordExpiryDateUtc;

    Assert.IsTrue(expiry.HasValue, $"User {matchedUser.UserName} should have had the password expiry date set");

    // "Set" here means already expired: the stored value must be in the past.
    Assert.That(expiry.Value, Is.LessThan(DateTime.UtcNow));
}
/// <summary>
/// Builds log rows from the scenario table, stamps each with the current time and stores them via <c>SeDatabase.SetLogs</c>.
/// </summary>
/// <param name="table">Scenario table whose rows are mapped onto <c>Log</c> instances.</param>
public void GivenIHaveTheFollowingLogsInTheSystem(Table table)
{
    var logEntries = table.CreateSet<Log>().ToList();

    foreach (var entry in logEntries)
    {
        // NOTE(review): this is local time (DateTime.Now); confirm whether the log table expects UTC.
        entry.TimeStamp = DateTime.Now;
    }

    SeDatabase.SetLogs(logEntries);
}
/// <summary>
/// Asserts that exactly one stored log entry has the expected level and contains the expected message text.
/// </summary>
/// <param name="table">Scenario table mapped onto a single <c>LogModel</c> holding the expected level and message.</param>
public void ThenIHaveALogInTheSystemMatchingTheFollowing(Table table)
{
    var expected = table.CreateInstance<LogModel>();
    var storedLogs = SeDatabase.GetLogs();

    // Level must match exactly; the message only needs to contain the expected text.
    var matchCount = storedLogs
        .Where(entry => entry.Level == expected.Level && entry.Message.Contains(expected.Message))
        .Count();

    Assert.IsTrue(matchCount == 1, "Log does not match message");
}
/// <summary>
/// Looks up the named user and hands the stored password hash and password salt to
/// <c>ScenarioContext.Current.SetHash</c> / <c>SetSalt</c>.
/// </summary>
/// <param name="userName">User name to look up; exactly one user must match.</param>
public void GivenIMakeANoteOfThePasswordAndSaltFor(string userName)
{
    // Single() fails the step unless exactly one user carries this name.
    var matchedUser = SeDatabase.GetUsers().Single(candidate => candidate.UserName == userName);

    ScenarioContext.Current.SetHash(matchedUser.PasswordHash);
    ScenarioContext.Current.SetSalt(matchedUser.PasswordSalt);
}
/// <summary>
/// Asserts that the named user has no password expiry date stored.
/// </summary>
/// <param name="userName">User name to look up; exactly one user must match.</param>
public void ThenTheUserDoesNotHaveThePasswordExpiryDateSet(string userName)
{
    var matchedUser = SeDatabase.GetUsers().Single(candidate => candidate.UserName == userName);
    var hasExpiry = matchedUser.PasswordExpiryDateUtc.HasValue;

    Assert.IsFalse(hasExpiry, $"User {matchedUser.UserName} should not have the password expiry date set");
}
/// <summary>
/// Asserts that the named user has neither a password reset token nor a password reset expiry date stored.
/// </summary>
/// <param name="userName">User name to look up; exactly one user must match.</param>
public void ThenThePasswordResetTokenAndExpiryForUserAreNotSet(string userName)
{
    var matchedUser = SeDatabase.GetUsers().Single(candidate => candidate.UserName == userName);

    // Both null and the empty string count as "cleared" for the token.
    var tokenCleared = string.IsNullOrEmpty(matchedUser.PasswordResetToken);
    Assert.IsTrue(tokenCleared, $"User {matchedUser.UserName} should have had the password reset token cleared");

    var expiryStillSet = matchedUser.PasswordResetExpiryDateUtc.HasValue;
    Assert.IsFalse(expiryStillSet, $"User {matchedUser.UserName} should have had the password reset token expiry date cleared");
}
/// <summary>
/// Asserts that the named user has a password reset token and a reset expiry date later than
/// the current UTC time plus <paramref name="expiryMinutes"/>.
/// </summary>
/// <param name="userName">User name to look up; exactly one user must match.</param>
/// <param name="expiryMinutes">Minutes from now that the stored expiry must exceed.</param>
public void ThenTheUserHasThePasswordResetTokenSetAndPasswordResetExpirySetToMinutes(string userName, int expiryMinutes)
{
    var matchedUser = SeDatabase.GetUsers().Single(candidate => candidate.UserName == userName);

    var tokenPresent = !string.IsNullOrEmpty(matchedUser.PasswordResetToken);
    Assert.IsTrue(tokenPresent, $"User {matchedUser.UserName} should have had the password reset token set");

    var resetExpiry = matchedUser.PasswordResetExpiryDateUtc;
    Assert.IsTrue(resetExpiry.HasValue, $"User {matchedUser.UserName} should have had the password reset token expiry date set");

    // NOTE(review): this is a lower bound only. A reset token whose lifetime is far longer
    // than intended would still pass; consider an upper-bound check if the lifetime matters.
    Assert.That(resetExpiry.Value, Is.GreaterThan(DateTime.UtcNow.AddMinutes(expiryMinutes)));
}
/// <summary>
/// Asserts that the named user's pending new email address, its token and its request expiry date are all unset.
/// </summary>
/// <param name="userName">User name to look up; exactly one user must match.</param>
public void ThenTheUserHasTheNewEmailAddressTokenAndExpiryCleared(string userName)
{
    var matchedUser = SeDatabase.GetUsers().Single(candidate => candidate.UserName == userName);

    // Address and token must be null, not merely empty.
    Assert.IsNull(matchedUser.NewEmailAddress, "New Email Address should be cleared");
    Assert.IsNull(matchedUser.NewEmailAddressToken, $"User {matchedUser.UserName} should have had the new email address token cleared");

    var expiryStillSet = matchedUser.NewEmailAddressRequestExpiryDateUtc.HasValue;
    Assert.IsFalse(expiryStillSet, $"User {matchedUser.UserName} should have had the new email address expiry date cleared");
}
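/// <summary>
/// Seeds the database with the users described in the scenario table.
/// Each password is turned into a hash and salt via <c>SecuredPassword</c>, and each security answer is
/// encrypted via <c>Encryption.Encrypt</c> before the user is stored.
/// </summary>
/// <param name="table">
/// Scenario table mapped onto <c>UserToCreate</c> rows. The placeholder values "[One day from now]" and
/// "[Expired]" in the expiry columns are translated into concrete dates; any other value leaves the date null.
/// </param>
public void GivenTheFollowingUsersAreSetupInTheDatabase(Table table)
{
    var usersToCreate = table.CreateSet<UserToCreate>().ToList();
    var users = new List<User>();
    var hashStrategy = (HashStrategyKind)Convert.ToInt32(ConfigurationManager.AppSettings["DefaultHashStrategy"]);
    var encryptor = new Encryption();
    var adminRole = SeDatabase.GetRoleByName("Admin");

    foreach (var userToCreate in usersToCreate)
    {
        string encryptedSecurityAnswer;
        string encryptedSecurityAnswerSalt;

        var securePassword = new SecuredPassword(userToCreate.Password, hashStrategy);

        // Single() fails the step if the question text in the table does not match exactly one lookup item.
        var securityQuestion = SeDatabase
            .GetLookupItemsByLookupType(Consts.LookupTypeId.SecurityQuestion)
            .Single(a => a.Description == userToCreate.SecurityQuestion);

        // The encryption password and iteration count are read from app settings.
        // NOTE(review): confirm the test configuration carries a test-only value here, not one shared with a real environment.
        encryptor.Encrypt(
            ConfigurationManager.AppSettings["EncryptionPassword"],
            Convert.ToInt32(ConfigurationManager.AppSettings["EncryptionIterationCount"]),
            userToCreate.SecurityAnswer,
            out encryptedSecurityAnswerSalt,
            out encryptedSecurityAnswer);

        var user = new User
        {
            UserName = userToCreate.UserName,
            FirstName = userToCreate.FirstName,
            LastName = userToCreate.LastName,
            TelNoWork = userToCreate.WorkTelephoneNumber,
            TelNoHome = userToCreate.HomeTelephoneNumber,
            TelNoMobile = userToCreate.MobileTelephoneNumber,
            Title = userToCreate.Title,
            Town = userToCreate.Town,
            Postcode = userToCreate.Postcode,
            SkypeName = userToCreate.SkypeName,
            HashStrategy = hashStrategy,
            PasswordHash = Convert.ToBase64String(securePassword.Hash),
            PasswordSalt = Convert.ToBase64String(securePassword.Salt),
            SecurityQuestionLookupItemId = securityQuestion.Id,
            SecurityAnswer = encryptedSecurityAnswer,
            SecurityAnswerSalt = encryptedSecurityAnswerSalt,
            Approved = true,
            EmailVerified = true,
            Enabled = true,
            PasswordLastChangedDateUtc = DateTime.UtcNow,
            // Blank table cells are stored as null rather than as empty strings.
            PasswordResetToken = string.IsNullOrWhiteSpace(userToCreate.PasswordResetToken) ? null : userToCreate.PasswordResetToken,
            PasswordResetExpiryDateUtc = userToCreate.PasswordResetExpiry == "[One day from now]" ? (DateTime?)DateTime.UtcNow.AddDays(1) : null,
            NewEmailAddress = string.IsNullOrWhiteSpace(userToCreate.NewEmailAddress) ? null : userToCreate.NewEmailAddress,
            NewEmailAddressToken = string.IsNullOrWhiteSpace(userToCreate.NewEmailAddressToken) ? null : userToCreate.NewEmailAddressToken,
            NewEmailAddressRequestExpiryDateUtc = userToCreate.NewEmailAddressRequestExpiryDate == "[One day from now]" ? (DateTime?)DateTime.UtcNow.AddDays(1) : null,
            // Fixed: this previously used DateTime.Now (local time) for a *Utc field; every other
            // date in this initializer is derived from DateTime.UtcNow, so this one now is too.
            PasswordExpiryDateUtc = userToCreate.PasswordExpiryDate == "[Expired]" ? (DateTime?)DateTime.UtcNow.AddDays(-1) : null
        };

        if (userToCreate.IsAdmin)
        {
            // NOTE(review): UserId is hard-coded to 1 while the user has not been saved yet.
            // Presumably the persistence layer re-links the row through the UserRoles collection; confirm,
            // otherwise every admin role row would point at user 1 regardless of which user is an admin.
            user.UserRoles = new List<UserRole>
            {
                new UserRole { RoleId = adminRole.Id, UserId = 1 }
            };
        }

        users.Add(user);
    }

    SeDatabase.SetUsers(users);
}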
/// <summary>
/// Asserts that the named user has a pending new email address, a token for it, and a request expiry date
/// later than the current UTC time plus <paramref name="expiryMinutes"/>.
/// </summary>
/// <param name="userName">User name to look up; exactly one user must match.</param>
/// <param name="expiryMinutes">Minutes from now that the stored expiry must exceed.</param>
public void ThenTheUserHasTheNewEmailAddressTokenSetAndNewEmailAddressExpiryIsAtLeastMinutesFromNow(string userName, int expiryMinutes)
{
    var matchedUser = SeDatabase.GetUsers().Single(candidate => candidate.UserName == userName);

    var addressPresent = !string.IsNullOrEmpty(matchedUser.NewEmailAddress);
    Assert.IsTrue(addressPresent, $"User {matchedUser.UserName} should have had the new email address set");

    var tokenPresent = !string.IsNullOrEmpty(matchedUser.NewEmailAddressToken);
    Assert.IsTrue(tokenPresent, $"User {matchedUser.UserName} should have had the new email address token set");

    var requestExpiry = matchedUser.NewEmailAddressRequestExpiryDateUtc;
    Assert.IsTrue(requestExpiry.HasValue, $"User {matchedUser.UserName} should have had the new email address expiry date set");

    // Lower bound only: the check does not cap how far in the future the expiry may be.
    Assert.That(requestExpiry.Value, Is.GreaterThan(DateTime.UtcNow.AddMinutes(expiryMinutes)));
}
/// <summary>
/// Asserts that the named user's stored password hash and password salt both differ from the hash and salt
/// previously placed in the scenario context.
/// </summary>
/// <param name="userName">User name to look up; exactly one user must match.</param>
public void ThenTheSecurityInformationForHasChanged(string userName)
{
    var matchedUser = SeDatabase.GetUsers().Single(candidate => candidate.UserName == userName);
    var capturedHash = ScenarioContext.Current.GetHash();
    var capturedSalt = ScenarioContext.Current.GetSalt();

    // Guard against a scenario that forgot the capturing step: without it the comparisons below prove nothing.
    Assert.IsFalse(string.IsNullOrEmpty(capturedHash), "Hash has not previously been captured");
    Assert.IsFalse(string.IsNullOrEmpty(capturedSalt), "Salt has not previously been captured");

    // NOTE(review): the comparison is against PasswordHash / PasswordSalt. If the captured values were the
    // security answer and its salt, these "not equal" assertions would pass even when nothing changed.
    // Confirm which capturing step this is paired with.
    Assert.That(matchedUser.PasswordHash, Is.Not.EqualTo(capturedHash), "The hash was expected to have changed");
    Assert.That(matchedUser.PasswordSalt, Is.Not.EqualTo(capturedSalt), "The salt was expected to have changed");
}
/// <summary>
/// Re-reads the CT warnings through <c>Repeater.DoOrTimeout</c> until their count equals the expected number,
/// then asserts on the last count read.
/// </summary>
/// <param name="expectedNumberOfCtViolations">Exact number of CT warnings expected.</param>
public void ThenIHaveCertificatePolicyViolationInTheSystem(int expectedNumberOfCtViolations)
{
    var latestWarnings = SeDatabase.GetCtWarnings();

    // Presumably 30 seconds is the overall timeout and 2 seconds the retry interval; confirm against Repeater.
    var thirtySeconds = TimeSpan.FromSeconds(30);
    var twoSeconds = TimeSpan.FromSeconds(2);

    Repeater.DoOrTimeout(
        () =>
        {
            latestWarnings = SeDatabase.GetCtWarnings();
            return latestWarnings.Count == expectedNumberOfCtViolations;
        },
        thirtySeconds,
        twoSeconds);

    // The assertion uses whatever the last read returned, so a mismatch is reported with the real count.
    Assert.That(latestWarnings.Count, Is.EqualTo(expectedNumberOfCtViolations), $"Was not able to find {expectedNumberOfCtViolations} ct violations in the logs");
}
/// <summary>
/// Re-reads the HPKP warnings through <c>Repeater.DoOrTimeout</c> until their count equals the expected number,
/// then asserts on the last count read.
/// </summary>
/// <param name="expectedNumberOfHpkpViolations">Exact number of HPKP warnings expected.</param>
public void ThenIHaveHttpPublicKeyPinningViolationInTheSystem(int expectedNumberOfHpkpViolations)
{
    var latestWarnings = SeDatabase.GetHpkpWarnings();

    // Presumably 30 seconds is the overall timeout and 2 seconds the retry interval; confirm against Repeater.
    var thirtySeconds = TimeSpan.FromSeconds(30);
    var twoSeconds = TimeSpan.FromSeconds(2);

    Repeater.DoOrTimeout(
        () =>
        {
            latestWarnings = SeDatabase.GetHpkpWarnings();
            return latestWarnings.Count == expectedNumberOfHpkpViolations;
        },
        thirtySeconds,
        twoSeconds);

    // The assertion uses whatever the last read returned, so a mismatch is reported with the real count.
    Assert.That(latestWarnings.Count, Is.EqualTo(expectedNumberOfHpkpViolations), $"Was not able to find {expectedNumberOfHpkpViolations} hpkp violations in the logs");
}
/// <summary>
/// Asserts that the database holds no system errors, no AppSensor errors and no CSP warnings.
/// The checks run in that order and the first failing one ends the method.
/// </summary>
public static void CheckForErrors()
{
    var systemErrors = SeDatabase.GetSystemErrors();
    var systemErrorText = string.Join(", ", systemErrors.Select(entry => entry.Message));
    Assert.That(systemErrors.Count, Is.EqualTo(0), $"Expected No errors but found error(s) {systemErrorText}");

    var appSensorErrors = SeDatabase.GetAppSensorErrors();
    var appSensorText = string.Join(", ", appSensorErrors.Select(entry => entry.Message));
    Assert.That(appSensorErrors.Count, Is.EqualTo(0), $"Expected No errors but found appSensor error(s) {appSensorText}");

    var cspWarnings = SeDatabase.GetCspWarnings();
    var cspText = string.Join(", ", cspWarnings.Select(entry => entry.Message));
    Assert.That(cspWarnings.Count, Is.EqualTo(0), $"Expected No Csp Warnings but found warnings(s) {cspText}");
}
/// <summary>
/// Assigns the roles named in the first column of the scenario table to the named user and stores the
/// resulting rows via <c>SeDatabase.SetUserRoles</c>.
/// </summary>
/// <param name="userName">User name to look up; exactly one user must match.</param>
/// <param name="table">Scenario table whose first column holds role names.</param>
public void GivenTheFollowingUserRolesAreSetupInTheSystemForUser(string userName, Table table)
{
    var owner = SeDatabase.GetUsers().Single(candidate => candidate.UserName == userName);

    // One role lookup per table row, in row order.
    var assignments = table.Rows
        .Select(row => SeDatabase.GetRoleByName(row[0]))
        .Select(role => new UserRole { UserId = owner.Id, RoleId = role.Id })
        .ToList();

    SeDatabase.SetUserRoles(assignments);
}
/// <summary>
/// Compares the users in the database with the scenario table. When the table has a
/// "SecurityQuestionLookupItemId" column, each non-blank cell is first replaced by the id of the
/// security question lookup item whose description matches that cell.
/// </summary>
/// <param name="table">Expected users; modified in place before the comparison.</param>
public void ThenIHaveTheFollowingUsersInTheSystem(Table table)
{
    const string questionColumn = "SecurityQuestionLookupItemId";

    var storedUsers = SeDatabase.GetUsers();

    if (table.Header.Contains(questionColumn))
    {
        foreach (var row in table.Rows)
        {
            // Rows without the column, or with a blank cell, are left untouched.
            if (!row.ContainsKey(questionColumn) || string.IsNullOrWhiteSpace(row[questionColumn]))
            {
                continue;
            }

            var lookupItem = SeDatabase.GetLookupItemByLookupTypeAndDescription(Consts.LookupTypeId.SecurityQuestion, row[questionColumn]);
            row[questionColumn] = lookupItem.Id.ToString();
        }
    }

    table.CompareToSet(storedUsers);
}
/// <summary>
/// Asserts that the database holds no system errors; on failure the message lists the error messages found.
/// </summary>
public static void CheckForErrors()
{
    var systemErrors = SeDatabase.GetSystemErrors();
    var systemErrorText = string.Join(", ", systemErrors.Select(entry => entry.Message));

    Assert.That(systemErrors.Count, Is.EqualTo(0), $"Expected No errors but found error(s) {systemErrorText}");
}
/// <summary>
/// Maps the scenario table onto <c>LookupType</c> rows and stores them via <c>SeDatabase.SetLookupTypes</c>.
/// </summary>
/// <param name="table">Scenario table describing the lookup types to create.</param>
public void GivenTheFollowingLookupTypesAreSetUpInTheDatabase(Table table)
{
    // Materialise the set once before handing it to the database helper.
    var lookupTypes = table.CreateSet<LookupType>().ToList();

    SeDatabase.SetLookupTypes(lookupTypes);
}
/// <summary>
/// Calls <c>SeDatabase.ClearDatabase</c>.
/// </summary>
// NOTE(review): presumably destructive; make sure the connection this helper uses can only point at a test database.
public void GivenIClearDownTheDatabase() => SeDatabase.ClearDatabase();
/// <summary>
/// Compares the user logs read from the database with the rows of the scenario table.
/// </summary>
/// <param name="table">Expected user log rows.</param>
public void ThenIHaveTheFollowingUserLogsInTheSystem(Table table)
{
    var storedUserLogs = SeDatabase.GetUserLogs();

    table.CompareToSet(storedUserLogs);
}
/// <summary>
/// Asserts that the number of previous-password entries read from the database equals the expected number.
/// </summary>
/// <param name="numberOfPassWordHistoryEntries">Exact number of password history entries expected.</param>
public void GivenIHaveEntryIesInThePasswordHistoryTable(int numberOfPassWordHistoryEntries)
{
    var storedHistory = SeDatabase.GetPreviousPasswords();
    var actualCount = storedHistory.Count;

    Assert.That(actualCount, Is.EqualTo(numberOfPassWordHistoryEntries));
}
/// <summary>
/// Compares the user logs read from the database with the rows of the scenario table.
/// </summary>
/// <param name="table">Expected user log rows.</param>
public void ThenIHaveTheFollowingUserLogsInTheSystem(Table table)
{
    var storedUserLogs = SeDatabase.GetUserLogs();

    table.CompareToSet(storedUserLogs);
}