private void RegisteredUserDataTest(string name, string address, string password, string creditCard)
{
DoSignUp(name, address, password, creditCard);
Assert.IsFalse(MarketException.HasErrorRaised());
RegisteredUser registeredUser = (RegisteredUser)userServiceSession.MarketUser;
object[] expectedData = { registeredUser.SystemID, name, address, UserSecurityService.GetSecuredPassword(password),creditCard };
Assert.IsTrue(expectedData.SequenceEqual(registeredUser.ToData()));
}
public override void OnAuthorization(AuthorizationContext filterContext)
{
var roles = UserSecurityService.UserRoles(filterContext.HttpContext.User.Identity.Name);
if (!roles.Any())
{
filterContext.Result = new HttpUnauthorizedResult(Resources.NoAccess_Application);
}
base.OnAuthorization(filterContext);
}
public void CreateAndVerifyPassword()
{
var password = "******";
var service = new UserSecurityService();
var salt = service.GetSalt();
var hashedPassword = service.CreatePassword(password, salt);
var another = service.CreatePassword(password, salt);
Assert.True(service.Verify(password, service.CreatePassword(password, salt), salt));
Assert.False(service.Verify(password, service.CreatePassword("wrong", salt), salt));
}
public IEnumerable <User> Get()
{
var id = 1;
var nhService = new UserSecurityService(_nhUserRepo);
var efService = new UserSecurityService(_efUserRepo);
var ret = new List <User>();
ret.AddRange(nhService.GetUsers());
ret.AddRange(efService.GetUsers());
return(ret);
}
/// <summary>
/// 启动服务
/// </summary>
public static void StartService()
{
m_eventService = new EventService();
m_httpGetService = new HttpGetService();
m_httpPostService = new HttpPostService();
m_loginService = new LoginService();
m_newsService = new NewsService();
m_userSessionService = new UserSessionService();
m_userSecurityService = new UserSecurityService();
BaseService.AddService(m_eventService);
BaseService.AddService(m_httpPostService);
BaseService.AddService(m_loginService);
BaseService.AddService(m_newsService);
BaseService.AddService(m_userSessionService);
BaseService.AddService(m_userSecurityService);
}
public async Task <IActionResult> LoginByEmail(
[FromBody] AuthEmailBinding binding,
[FromServices] UserSecurityService gamerSecurityService,
CancellationToken cancellationToken)
{
var gamer = await _authorizationRepository.GetUserByEmail(binding.Email, binding.GuildId, cancellationToken);
if (gamer == null)
{
throw new ApiException(HttpStatusCode.Forbidden, ErrorCodes.Forbidden, "");
}
if (!gamer.IsActive)
{
throw new ApiException(HttpStatusCode.Forbidden, ErrorCodes.Forbidden, "");
}
if (!gamerSecurityService.TestPassword(gamer, binding.Password))
{
throw new ApiException(HttpStatusCode.Unauthorized, ErrorCodes.Forbidden, "");
}
var sessionId = Guid.NewGuid();
await _authorizationRepository.SaveSession(new Session(sessionId, gamer.Id, 60 * 26, HttpContext.GetIp()));
var roles = new List <String>();
if (gamer.Roles != null)
{
roles.AddRange(gamer.Roles);
}
// костыль для демо интрефейса :D, надо будет отрефакторить...
if (binding.GuildId == Guid.Parse("00000000-0000-4000-0000-000000000003"))
{
roles.Add("Demo");
}
roles.Add(gamer.Rank.ToString().ToLower());
return(Ok(new TokenView
{
Token = sessionId,
GuildId = gamer.GuildId,
Roles = roles.Distinct(StringComparer.InvariantCultureIgnoreCase).ToArray()
}));
}
public void PromoteToAdminTest()
{
DoSignUpSignIn("MaorLogin17", "Here 3", "123", "12345678");
RegisteredUser adminUser = (RegisteredUser)userServiceSignInSession.MarketUser;
object[] expectedData = { adminUser.SystemID, "MaorLogin17", "Here 3", UserSecurityService.GetSecuredPassword("123"), "12345678" };
Assert.IsTrue(expectedData.SequenceEqual(adminUser.ToData()));
Assert.IsTrue(adminUser.IsRegisteredUser());
Assert.IsFalse(adminUser.IsSystemAdmin());
Assert.IsFalse(adminUser.HasStorePolicies());
adminUser.PromoteToAdmin();
Assert.AreEqual(0, adminUser.Cart.GetCartStorage().Length);
Assert.IsTrue(expectedData.SequenceEqual(adminUser.ToData()));
Assert.IsTrue(adminUser.IsRegisteredUser());
Assert.IsTrue(adminUser.IsSystemAdmin());
Assert.IsFalse(adminUser.HasStorePolicies());
}
public async Task <IActionResult> Post(
[FromBody] AuthLoginBinding binding,
[FromServices] UserSecurityService gamerSecurityService,
CancellationToken cancellationToken)
{
var gamer = await _authorizationRepository.GetUser(binding.Login, cancellationToken);
if (gamer == null)
{
throw new ApiException(HttpStatusCode.NotFound, ErrorCodes.Forbidden, "");
}
if (String.IsNullOrEmpty(gamer.Password))
{
gamerSecurityService.CreatePassword(gamer, binding.Password);
await _authorizationRepository.SaveUser(gamer);
}
else
{
if (!gamerSecurityService.TestPassword(gamer, binding.Password))
{
throw new ApiException(HttpStatusCode.Unauthorized, ErrorCodes.Forbidden, "");
}
}
var sessionId = Guid.NewGuid();
await _authorizationRepository.SaveSession(new Session(sessionId, gamer.Id, 60 * 26, HttpContext.GetIp()));
var roles = new List <String>();
if (gamer.Roles != null)
{
roles.AddRange(gamer.Roles);
}
roles.Add(gamer.Rank.ToString().ToLower());
return(Ok(new TokenView
{
Token = sessionId,
GuildId = gamer.GuildId,
Roles = roles.Distinct(StringComparer.InvariantCultureIgnoreCase).ToArray()
}));
}
/// <summary>
/// 调用控件线程方法
/// </summary>
/// <param name="args">参数</param>
public void OnInvoke(object args)
{
CMessage message = (CMessage)args;
if (message.m_serviceID == m_quoteService.ServiceID)
{
LatestDataInfo dataInfo = new LatestDataInfo();
List <SecurityLatestData> datas = new List <SecurityLatestData>();
QuoteService.GetLatestDatas(ref dataInfo, datas, message.m_body, message.m_bodyLength);
int datasSize = datas.Count;
for (int i = 0; i < datasSize; i++)
{
m_latestDatas[datas[i].m_securityCode] = datas[i];
}
datas.Clear();
}
else
{
List <UserSecurityCategory> categories = new List <UserSecurityCategory>();
UserSecurityService.GetCategories(categories, message.m_body, message.m_bodyLength);
UserSecurityCategory category = categories[0];
switch (message.m_functionID)
{
case UserSecurityService.FUNCTIONID_USERSECURITY_ADDCATEGORIES:
AddCategoriesToCategoryGrid(categories);
break;
case UserSecurityService.FUNCTIONID_USERSECURITY_DELETECATEGORIES:
RemoveCategoriesFromCategoryGrid(categories);
break;
case UserSecurityService.FUNCTIONID_USERSECURITY_UPDATECATEGORIES:
UpdateCategoriesToCategoryGrid(categories);
break;
case UserSecurityService.FUNCTIONID_USERSECURITY_ADDSECURITIES:
case UserSecurityService.FUNCTIONID_USERSECURITY_DELETESECURITIES:
{
String categoryID = "";
List <GridRow> selectedRows = m_gridCategory.SelectedRows;
int selectedRowsSize = selectedRows.Count;
if (selectedRowsSize > 0)
{
categoryID = selectedRows[0].GetCell(0).Text;
}
if (categoryID != null && categoryID == category.m_categoryID)
{
List <Security> securities = new List <Security>();
m_securityService.GetSecuritiesByCodes(category.m_codes, securities);
if (message.m_functionID == UserSecurityService.FUNCTIONID_USERSECURITY_ADDSECURITIES)
{
AddSecuritiesToSecuritiesGrid(securities);
}
else if (message.m_functionID == UserSecurityService.FUNCTIONID_USERSECURITY_DELETESECURITIES)
{
RemoveSecuritiesFromSecuritiesGrid(securities);
}
}
break;
}
}
}
m_window.Invalidate();
}
/// <summary>
/// 接收消息方法
/// </summary>
/// <param name="message">消息</param>
public override void OnReceive(CMessage message)
{
if (message.m_functionID == FUNCTIONID_USERSECURITY_GETVISITSCOUNT)
{
UserSecurityVisitsCount visitsCount = new UserSecurityVisitsCount();
Binary br = new Binary();
br.Write(message.m_body, message.m_bodyLength);
visitsCount.m_userID = br.ReadInt();
visitsCount.CodesFromString(br.ReadString());
m_visitsCount = visitsCount.m_codes;
br.Close();
}
else
{
List <UserSecurityCategory> categories = new List <UserSecurityCategory>();
UserSecurityService.GetCategories(categories, message.m_body, message.m_bodyLength);
int categoriesSize = categories.Count;
if (message.m_functionID != FUNCTIONID_USERSECURITY_GETCATEGORIES)
{
message.m_requestID = m_operatorRequestID;
}
switch (message.m_functionID)
{
case FUNCTIONID_USERSECURITY_GETCATEGORIES:
{
m_categories = categories;
m_loaded = true;
break;
}
case FUNCTIONID_USERSECURITY_ADDCATEGORIES:
{
bool add = false;
for (int i = 0; i < categoriesSize; i++)
{
UserSecurityCategory category = null;
if (!GetCategory(categories[i].m_categoryID, ref category))
{
m_categories.Add(categories[i]);
add = true;
}
}
if (!add)
{
return;
}
break;
}
case FUNCTIONID_USERSECURITY_DELETECATEGORIES:
{
for (int i = 0; i < categoriesSize; i++)
{
UserSecurityCategory category = null;
if (GetCategory(categories[i].m_categoryID, ref category))
{
m_categories.Remove(category);
}
}
break;
}
case FUNCTIONID_USERSECURITY_UPDATECATEGORIES:
{
for (int i = 0; i < categoriesSize; i++)
{
UserSecurityCategory updateCategory = categories[i];
int curCategoriesSize = m_categories.Count;
for (int j = 0; j < curCategoriesSize; j++)
{
UserSecurityCategory category = m_categories[j];
if (category.m_categoryID == updateCategory.m_categoryID)
{
m_categories[j] = updateCategory;
break;
}
}
}
break;
}
case FUNCTIONID_USERSECURITY_ADDSECURITIES:
{
for (int i = 0; i < categoriesSize; i++)
{
UserSecurityCategory updateCategory = categories[i];
int curCategoriesSize = m_categories.Count;
for (int j = 0; j < curCategoriesSize; j++)
{
UserSecurityCategory category = m_categories[j];
if (category.m_categoryID == updateCategory.m_categoryID)
{
if (category.m_codes != null && category.m_codes.Length > 0)
{
updateCategory.m_codes = m_categories[j].m_codes + "," + updateCategory.m_codes;
}
m_categories[j] = updateCategory;
break;
}
}
}
break;
}
case FUNCTIONID_USERSECURITY_DELETESECURITIES:
{
for (int i = 0; i < categoriesSize; i++)
{
UserSecurityCategory updateCategory = categories[i];
int curCategoriesSize = m_categories.Count;
for (int j = 0; j < curCategoriesSize; j++)
{
UserSecurityCategory category = m_categories[j];
if (category.m_categoryID == updateCategory.m_categoryID)
{
if (updateCategory.m_codes != null && updateCategory.m_codes.Length > 0 && category.m_codes != null && category.m_codes.Length > 0)
{
String[] deleteCodes = updateCategory.m_codes.Split(',');
int deleteCodesSize = deleteCodes.Length;
Dictionary <String, String> deleteCodesMap = new Dictionary <String, String>();
for (int m = 0; m < deleteCodesSize; m++)
{
deleteCodesMap[deleteCodes[m]] = "";
}
String[] codes = category.m_codes.Split(',');
int codesSize = codes.Length;
String newCodes = "";
for (int m = 0; m < codesSize; m++)
{
if (!deleteCodesMap.ContainsKey(codes[m]))
{
newCodes += codes[m] + ",";
}
}
if (newCodes != null && newCodes.Length > 0)
{
if (newCodes.Substring(newCodes.Length - 1) == ",")
{
newCodes = newCodes.Substring(0, newCodes.Length - 1);
}
}
updateCategory.m_codes = newCodes;
}
m_categories[j] = updateCategory;
break;
}
}
}
break;
}
}
}
base.OnReceive(message);
}
public void GoodLoginDataTest()
{
DoSignUpSignIn("MaorLogin2", "Here 4", "123", "12345678");
object[] loggedUserData = ((RegisteredUser)userServiceSignInSession.MarketUser).ToData();
object[] registeredUserData = ((RegisteredUser)userServiceSignUpSession.MarketUser).ToData();
object[] expectedData = { loggedUserData[0], "MaorLogin2", "Here 4", UserSecurityService.GetSecuredPassword("123"), "12345678" };
Assert.IsTrue(loggedUserData.SequenceEqual(registeredUserData));
Assert.IsTrue(loggedUserData.SequenceEqual(expectedData));
}