public void Toggle_User_Success() { // Arrange User newUser; using (var _db = tu.CreateDataBaseContext()) { newUser = tu.CreateUserObject(); _db.Users.Add(newUser); _db.SaveChanges(); } var expectedResponse = newUser; var expectedResult = newUser.Disabled; // ACT UserManagementManager _umm = new UserManagementManager(); var response = _umm.ToggleUser(newUser, null); var result = _umm.GetUser(newUser.Id); // Assert Assert.IsNotNull(response); Assert.IsTrue(response == 1); Assert.IsNotNull(result); Assert.AreEqual(expectedResponse.Id, result.Id); }
public string GetEmail(string token) { UserManagementManager umm = new UserManagementManager(); Session session = new Session(); User user; string email; try { using (var _db = new DatabaseContext()) { SessionService ss = new SessionService(_db); session = ss.GetSession(token); if (session == null) { return(""); } } var id = session.UserId; user = umm.GetUser(id); email = user.Email; } catch (ArgumentNullException) { throw new ArgumentNullException("Session is null"); } return(email); }
public void Disable_User_Success() { // Arrange newUser = tu.CreateUserInDb(); var expectedResponse = newUser; var expectedResult = true; // ACT var response = _umm.DisableUser(newUser); var result = _umm.GetUser(newUser.Id); // Assert Assert.IsTrue(response == 1); Assert.IsNotNull(result); Assert.AreEqual(expectedResult, result.Disabled); }
public void CreateNewUser_Authorized_201() { var controller = new UserManagementController(); var admin = _ut.CreateUserObject(); admin.IsAdministrator = true; var adminSession = _ut.CreateSessionObject(admin); _ut.CreateSessionInDb(adminSession); // modify user var newUser = new { username = Guid.NewGuid() + "@mail.com", city = "Long Beach", state = "California", country = "USA", manager = "", isadmin = false, disabled = false, }; // mock payload var mock_payload = new CreateUserRequestDTO { Username = newUser.username, City = newUser.city, State = newUser.state, Country = newUser.country, Manager = newUser.manager, IsAdmin = newUser.isadmin, Disabled = newUser.disabled }; var expectedStatusCode = HttpStatusCode.Created; var endpoint = API_Route_Local + "/user/update"; controller.Request = new HttpRequestMessage { RequestUri = new Uri(endpoint) }; controller.Request.Headers.Add("token", adminSession.Token); IHttpActionResult actionresult = controller.CreateNewUser(mock_payload); Assert.IsInstanceOfType(actionresult, typeof(NegotiatedContentResult <string>)); var contentresult = actionresult as NegotiatedContentResult <string>; Assert.AreEqual(expectedStatusCode, contentresult.StatusCode); // persistence test using (var _db = _ut.CreateDataBaseContext()) { var _userManager = new UserManagementManager(_db); var getUser = _userManager.GetUser(newUser.username); Assert.AreNotEqual(newUser, getUser); Assert.AreEqual(newUser.isadmin, getUser.IsAdministrator); } }
public IHttpActionResult DeleteUser(string userId) { using (var _db = new DatabaseContext()) { try { // Throws ExceptionService.NoTokenProvidedException // Throws ExceptionService.SessionNotFoundException var session = ControllerHelpers.ValidateAndUpdateSession(Request); // Throws ExceptionService.InvalidModelPayloadException ControllerHelpers.ValidateModelAndPayload(ModelState, userId); // Throws ExceptionService.InvalidGuidException var UserId = ControllerHelpers.ParseAndCheckId(userId); var _userManager = new UserManagementManager(_db); var user = _userManager.GetUser(session.UserId); if (user.IsAdministrator) { _userManager.DeleteUser(UserId); _db.SaveChanges(); var responseDeleted = Content(HttpStatusCode.OK, "User was deleted."); return(responseDeleted); } else { return(Content(HttpStatusCode.Unauthorized, "Non-administrators cannot delete users.")); } } catch (Exception e) when(e is UserNotFoundException) { return(Content(HttpStatusCode.NotFound, e.Message)); } catch (Exception e) when(e is InvalidGuidException) { return(Content(HttpStatusCode.BadRequest, e.Message)); } catch (Exception e) when(e is NoTokenProvidedException || e is SessionNotFoundException) { return(Content(HttpStatusCode.Unauthorized, e.Message)); } catch (Exception e) when(e is InvalidModelPayloadException) { return(Content(HttpStatusCode.PreconditionFailed, e.Message)); } catch (Exception e) { if (e is DbUpdateException || e is DbEntityValidationException) { _db.RevertDatabaseChanges(_db); } return(InternalServerError()); } } }
public IHttpActionResult CreateNewUser([FromBody, Required] CreateUserRequestDTO payload) { using (var _db = new DatabaseContext()) { try { // Throws ExceptionService.NoTokenProvidedException // Throws ExceptionService.SessionNotFoundException var session = ControllerHelpers.ValidateAndUpdateSession(Request); // Throws ExceptionService.InvalidModelPayloadException ControllerHelpers.ValidateModelAndPayload(ModelState, payload); var _userManager = new UserManagementManager(_db); var user = _userManager.GetUser(session.UserId); if (user.IsAdministrator) { // Throws exception, invalid username, invalid manager guid var newUser = _userManager.CreateUser(payload); _db.SaveChanges(); var responseCreated = Content(HttpStatusCode.Created, "User created."); return(responseCreated); } return(Content(HttpStatusCode.Unauthorized, "Non-administrators cannot delete users.")); } catch (Exception e) when(e is UserNotFoundException) { return(Content(HttpStatusCode.NotFound, e.Message)); } catch (Exception e) when(e is InvalidGuidException || e is InvalidEmailException) { return(Content(HttpStatusCode.BadRequest, e.Message)); } catch (Exception e) when(e is NoTokenProvidedException || e is SessionNotFoundException) { return(Content(HttpStatusCode.Unauthorized, e.Message)); } catch (Exception e) when(e is InvalidModelPayloadException) { return(Content(HttpStatusCode.PreconditionFailed, e.Message)); } catch (Exception e) when(e is UserAlreadyExistsException) { return(Content(HttpStatusCode.Conflict, e.Message)); } catch (Exception e) { if (e is DbUpdateException || e is DbEntityValidationException) { _db.RevertDatabaseChanges(_db); } return(InternalServerError()); } } }
public LoginManagerUT() { lm = new LoginManager(); um = new UserManagementManager(); user = um.GetUser("*****@*****.**"); //CreateUser("*****@*****.**", "passwordtest54321", new DateTime(1996, 12, 15)); request = new LoginRequest(); request.email = "*****@*****.**"; request.password = "******"; }
public async Task <IHttpActionResult> DeleteFromSSO() { using (var _db = new DatabaseContext()) { try { // Throws ExceptionService.NoTokenProvidedException // Throws ExceptionService.SessionNotFoundException var session = ControllerHelpers.ValidateAndUpdateSession(Request); var _userManager = new UserManagementManager(_db); var user = _userManager.GetUser(session.UserId); if (user == null) { return(Ok()); } var _ssoAPIManager = new KFC_SSO_Manager(_db); var requestSuccessful = await _ssoAPIManager.DeleteUserFromSSOviaPointmap(user); if (requestSuccessful) { _userManager.DeleteUser(user.Id); _db.SaveChanges(); return(Ok("User was deleted from Pointmap and SSO")); } var response = Content(HttpStatusCode.InternalServerError, "User was not able to be deleted from SSO."); return(response); } catch (Exception e) when(e is InvalidGuidException) { return(Content(HttpStatusCode.BadRequest, e.Message)); } catch (Exception e) when(e is NoTokenProvidedException || e is SessionNotFoundException) { return(Content(HttpStatusCode.Unauthorized, e.Message)); } catch (Exception e) when(e is KFCSSOAPIRequestException) { return(Content(HttpStatusCode.ServiceUnavailable, e.Message)); } catch (Exception e) { if (e is DbUpdateException || e is DbEntityValidationException) { _db.RevertDatabaseChanges(_db); } return(Content(HttpStatusCode.InternalServerError, e.Message)); } } }
public IHttpActionResult GetAllUsers() { using (var _db = new DatabaseContext()) { try { // Throws ExceptionService.NoTokenProvidedException // Throws ExceptionService.SessionNotFoundException var session = ControllerHelpers.ValidateAndUpdateSession(Request); var _userManager = new UserManagementManager(_db); var user = _userManager.GetUser(session.UserId); if (user.IsAdministrator) { var users = _userManager.GetUsers(); _db.SaveChanges(); var responseUsers = Content(HttpStatusCode.OK, users); return(responseUsers); } else { return(Content(HttpStatusCode.Unauthorized, "Non-administrators cannot view all users.")); } } catch (Exception e) when(e is UserNotFoundException) { return(Content(HttpStatusCode.NotFound, e.Message)); } catch (Exception e) when(e is InvalidGuidException) { return(Content(HttpStatusCode.BadRequest, e.Message)); } catch (Exception e) when(e is NoTokenProvidedException || e is SessionNotFoundException || e is UserIsNotAdministratorException) { return(Content(HttpStatusCode.Unauthorized, e.Message)); } catch (Exception e) { if (e is DbUpdateException || e is DbEntityValidationException) { _db.RevertDatabaseChanges(_db); } return(InternalServerError()); } } }
public IHttpActionResult GetUser() { using (var _db = new DatabaseContext()) { try { // Throws ExceptionService.NoTokenProvidedException // Throws ExceptionService.SessionNotFoundException var session = ControllerHelpers.ValidateAndUpdateSession(Request); UserManagementManager _userManager = new UserManagementManager(_db); var user = _userManager.GetUser(session.UserId); _db.SaveChanges(); var responseData = new GetUserResponseData { id = user.Id, username = user.Username, disabled = user.Disabled, isAdmin = user.IsAdministrator }; var responseUser = Content(HttpStatusCode.OK, responseData); return(responseUser); } catch (Exception e) when(e is UserNotFoundException) { return(Content(HttpStatusCode.NotFound, e.Message)); } catch (Exception e) when(e is InvalidGuidException) { return(Content(HttpStatusCode.BadRequest, e.Message)); } catch (Exception e) when(e is NoTokenProvidedException || e is SessionNotFoundException || e is UserIsNotAdministratorException) { return(Content(HttpStatusCode.Unauthorized, e.Message)); } catch (Exception e) { if (e is DbUpdateException || e is DbEntityValidationException) { _db.RevertDatabaseChanges(_db); } return(InternalServerError()); } } }
[Route("sso/user/delete")] // Request from sso to delete user self from sso to all apps public IHttpActionResult DeleteViaSSO([FromBody, Required] LoginRequestPayload requestPayload) { using (var _db = new DatabaseContext()) { try { // Throws ExceptionService.InvalidModelPayloadException ControllerHelpers.ValidateModelAndPayload(ModelState, requestPayload); // Throws ExceptionService.InvalidGuidException var userSSOID = ControllerHelpers.ParseAndCheckId(requestPayload.SSOUserId); // Check valid signature var _ssoServiceAuth = new SignatureService(); var validSignature = _ssoServiceAuth.IsValidClientRequest(userSSOID.ToString(), requestPayload.Email, requestPayload.Timestamp, requestPayload.Signature); if (!validSignature) { return(Content(HttpStatusCode.Unauthorized, "Invalid Token signature.")); } var _userManagementManager = new UserManagementManager(_db); // Throw exception if user does not exist var user = _userManagementManager.GetUser(userSSOID); if (user == null) { return(Content(HttpStatusCode.OK, "User does not exist")); } _userManagementManager.DeleteUser(userSSOID); _db.SaveChanges(); return(Ok("User was deleted")); } catch (Exception e) when(e is InvalidGuidException || e is InvalidModelPayloadException) { return(Content(HttpStatusCode.BadRequest, e.Message)); } catch (Exception e) { if (e is DbUpdateException || e is DbEntityValidationException) { _db.RevertDatabaseChanges(_db); } return(Content(HttpStatusCode.InternalServerError, e.Message)); } } }
public void Enable_User_Success() { // Arrange User newUser = tu.CreateUserInDb(); var expectedResponse = newUser; var expectedResult = false; // ACT UserManagementManager _umm = new UserManagementManager(); var response = _umm.EnableUser(newUser); var result = _umm.GetUser(newUser.Id); // Assert Assert.IsTrue(response == 1); Assert.IsNotNull(result); Assert.AreEqual(expectedResult, result.Disabled); }
public void Toggle_User_Success() { // Arrange newUser = tu.CreateUserInDb(); var expectedResult = !newUser.Disabled; // ACT using (var _db = new DatabaseContext()) { _umm = new UserManagementManager(_db); _umm.ToggleUser(newUser, true); _db.SaveChanges(); var result = _umm.GetUser(newUser.Id); // Assert Assert.IsNotNull(result); Assert.AreEqual(expectedResult, result.Disabled); } }
public IHttpActionResult LogoutViaSSO([FromBody] LogoutRequestPayload requestPayload) { using (var _db = new DatabaseContext()) { try { // throws ExceptionService.InvalidModelPayloadException ControllerHelpers.ValidateModelAndPayload(ModelState, requestPayload); // throws ExceptionService.InvalidGuidException var userSSOID = ControllerHelpers.ParseAndCheckId(requestPayload.SSOUserId); var _userManagementManager = new UserManagementManager(_db); var user = _userManagementManager.GetUser(userSSOID); if (user == null) { return(Content(HttpStatusCode.OK, "User does not exist.")); } var _userManager = new UserManager(_db); _userManager.Logout(user); _db.SaveChanges(); return(Ok("User was logged out.")); } catch (Exception e) when(e is InvalidGuidException || e is InvalidModelPayloadException) { return(Content(HttpStatusCode.BadRequest, e.Message)); } catch (Exception e) when(e is UserNotFoundException) { return(Content(HttpStatusCode.NotFound, e.Message)); } catch (Exception e) { if (e is DbUpdateException || e is DbEntityValidationException) { _db.RevertDatabaseChanges(_db); } return(Content(HttpStatusCode.InternalServerError, e.Message)); } } }
public IHttpActionResult Delete() // User delete self from pointmap { using (var _db = new DatabaseContext()) { try { // Throws ExceptionService.NoTokenProvidedException // Throws ExceptionService.SessionNotFoundException var session = ControllerHelpers.ValidateAndUpdateSession(Request); var _userManager = new UserManagementManager(_db); // Throw exception if user not found var user = _userManager.GetUser(session.UserId); if (user == null) { return(Content(HttpStatusCode.NotFound, "User does not exist.")); } // Delete user self and their sessions _userManager.DeleteUser(user.Id); _db.SaveChanges(); var response = Content(HttpStatusCode.OK, "User was deleted from Pointmap."); return(response); } catch (Exception e) when(e is InvalidGuidException) { return(Content(HttpStatusCode.BadRequest, e.Message)); } catch (Exception e) when(e is NoTokenProvidedException || e is SessionNotFoundException) { return(Content(HttpStatusCode.Unauthorized, e.Message)); } catch (Exception e) { if (e is DbUpdateException || e is DbEntityValidationException) { _db.RevertDatabaseChanges(_db); } return(Content(HttpStatusCode.InternalServerError, e.Message)); } } }
public async void LogoutFromSSO(string Username, Guid ssoID, long timestamp, string signature) { // Check if valid signature request var validSignature = _ssoServiceAuth.IsValidClientRequest(ssoID.ToString(), Username, timestamp, signature); if (!validSignature) { throw new InvalidTokenSignatureException("Session is not valid."); } _userManagementManager = new UserManagementManager(_db); var _userManager = new UserManager(_db); var user = _userManagementManager.GetUser(ssoID); if (user == null) { return; } // Delete all sessions of the user _userManager.Logout(user); }
public void Create_User_Using_Manager() { // Arrange string Username = Guid.NewGuid() + "@" + Guid.NewGuid() + ".com"; string password = (Guid.NewGuid()).ToString(); DateTime dob = DateTime.UtcNow; // Act using (var _db = tu.CreateDataBaseContext()) { _umm = new UserManagementManager(_db); var response = _umm.CreateUser(Username, Guid.NewGuid()); _db.SaveChanges(); var result = _umm.GetUser(response.Id); // Assert Assert.IsNotNull(response); Assert.IsNotNull(result); Assert.AreEqual(Username, result.Username); } }
public string GetEmail(string token) { UserManagementManager umm = new UserManagementManager(); SessionService ss = new SessionService(); Session session = new Session(); User user; string email; using (var _db = new DatabaseContext()) { session = ss.GetSession(_db, token); Console.WriteLine(session); } var id = session.UserId; user = umm.GetUser(id); email = user.Email; return(email); }
public static UserContract GetUser(Guid token, Guid userID) { return(UserManagementManager.GetUser(token, userID)); }