public UserData(string userName, bool validateUserExists = false) : base(new ActivityContext(new ActivityPrincipal(new ActivityIdentity(userName))))
{
System.Diagnostics.Debug.WriteLine("UserData({0}, {1})", userName, validateUserExists.ToString());
var val = UserDefinition.Parse(userName);
if (val == null)
{
throw new ArgumentException("UserName does not meet expectations");
}
if (validateUserExists)
{
VoatIdentityUser user = null;
if (!String.IsNullOrWhiteSpace(userName))
{
using (var repo = VoatUserManager.Create())
{
user = repo.FindByName(userName);
}
}
if (user == null)
{
throw new VoatNotFoundException("User doesn't exist");
}
}
_userNameInit = userName;
}
//TODO: IMPORTANT This needs to be ported correctly, not using VoatUserManager param any longer
public static async Task <bool> CanUserNameBeRegistered(VoatUserManager userManager, string userName, IDictionary <string, string> charSwaps = null)
{
//List<string> spoofsToCheck = new List<string>();
//spoofsToCheck.Add(userName); //add original username
////process deviations
//if (spoofSubstitutionFuncList != null && spoofSubstitutionFuncList.Any())
//{
// foreach (var spoofFunc in spoofSubstitutionFuncList)
// {
// var l = spoofFunc(userName);
// if (l != null && l.Any())
// {
// spoofsToCheck.AddRange(l.Where(x => !String.IsNullOrEmpty(x) && !userName.IsEqual(x)).ToList()); //only add valid items
// }
// }
//}
//TODO: Need to migrate to dapper and repo
//var accountExists = spoofsToCheck.Any(x => userManager.FindByNameAsync(x).Result != null);
var spoofsToCheck = SpooferProofer.CharacterSwapList(userName, charSwaps, true, Normalization.Lower);
var accountExists = await VoatUserManager.UserNameExistsAsync(spoofsToCheck);
return(!accountExists);
}
protected override void Dispose(bool disposing)
{
if (disposing && UserManager != null)
{
UserManager.Dispose();
UserManager = null;
}
base.Dispose(disposing);
}
protected override async Task <VoatIdentityUser> GetData()
{
using (var db = new IdentityDataContext())
{
using (var context = VoatUserManager.Create())
{
var user = await context.FindByNameAsync(_userToRetrieve);
return(user);
}
}
}
public void TestLogin()
{
var userName = "******";
TestDataInitializer.CreateUser("TestLoginUser");
using (var m = VoatUserManager.Create())
{
var r = m.Find(userName, userName);
Assert.IsNotNull(r, "Did not find user");
r = m.Find(userName, userName.ToUpper());
Assert.IsNull(r, "Incorrect password works");
}
}
//private readonly IEmailSender _emailSender;
//private readonly ISmsSender _smsSender;
//private readonly ILogger _logger;
//private readonly string _externalCookieScheme;
public AccountController(
VoatUserManager userManager,
SignInManager <VoatIdentityUser> signInManager
//IOptions<IdentityCookieOptions> identityCookieOptions
//IEmailSender emailSender,
//ISmsSender smsSender,
//ILoggerFactory loggerFactory
)
{
_userManager = userManager;
_signInManager = signInManager;
//_externalCookieScheme = identityCookieOptions.Value.ExternalCookieAuthenticationScheme;
//_emailSender = emailSender;
//_smsSender = smsSender;
//_logger = loggerFactory.CreateLogger<AccountController>();
UserManager = _userManager;
}
public static void CreateUser(string userName, DateTime?registrationDate = null)
{
//SchemaInitializerApplicationDbContext.ReferenceEquals(null, new object());
var manager = VoatUserManager.Create();
//if (!UserHelper.UserExists(userName))
//{
var user = new Voat.Data.Models.VoatIdentityUser()
{
UserName = userName, RegistrationDateTime = (registrationDate.HasValue ? registrationDate.Value : DateTime.UtcNow), LastLoginDateTime = new DateTime(1900, 1, 1, 0, 0, 0, 0), LastLoginFromIp = "0.0.0.0"
};
string pwd = userName.GetUnitTestUserPassword();
var result = manager.Create(user, pwd);
if (!result.Succeeded)
{
throw new Exception("Error creating test user " + userName);
}
// }
}
public async Task TestUserNameAvailability()
{
var originalUserName = "******";
using (var userManager = VoatUserManager.Create())
{
var user = new VoatIdentityUser
{
UserName = originalUserName,
RegistrationDateTime = DateTime.UtcNow,
LastLoginFromIp = "127.0.0.1",
LastLoginDateTime = DateTime.UtcNow
};
// try to create new user account
var createResult = await userManager.CreateAsync(user, "topsecretpasswordgoeshere");
Assert.AreEqual(true, createResult.Succeeded);
var response = await UserHelper.CanUserNameBeRegistered(userManager, originalUserName, null);
Assert.AreEqual(false, response);
response = await UserHelper.CanUserNameBeRegistered(userManager, "iheartfuzzylol", null); //test casing
Assert.AreEqual(false, response);
response = await UserHelper.CanUserNameBeRegistered(userManager, "lheartfuzzylol2", null);
Assert.AreEqual(true, response);
//Xbox Test
response = await UserHelper.CanUserNameBeRegistered(userManager, $"xX{originalUserName}Xx", null);
Assert.AreEqual(true, response);
Dictionary <string, string> charSwaps = new Dictionary <string, string>();
charSwaps.Add("i", "l");
charSwaps.Add("o", "0");
charSwaps.Add("h", "hahaha"); //just to make sure offset swapping does not break
charSwaps.Add("heart", "like"); //just to make sure offset swapping does not break
response = await UserHelper.CanUserNameBeRegistered(userManager, originalUserName, null);
Assert.AreEqual(false, response);
response = await UserHelper.CanUserNameBeRegistered(userManager, "iheartfuzzyIoI", charSwaps);
Assert.AreEqual(false, response);
response = await UserHelper.CanUserNameBeRegistered(userManager, "lheartfuzzyLOL", charSwaps);
Assert.AreEqual(false, response);
response = await UserHelper.CanUserNameBeRegistered(userManager, "lheartFuzzyIOi", charSwaps);
Assert.AreEqual(false, response);
response = await UserHelper.CanUserNameBeRegistered(userManager, "lheartFuzzyl0i", charSwaps);
Assert.AreEqual(false, response);
}
}
private void VerifyDelete(Domain.Models.DeleteAccountOptions options)
{
using (var db = new Voat.Data.Models.VoatDataContext())
{
int count = 0;
switch (options.Comments.Value)
{
case Domain.Models.DeleteOption.Anonymize:
count = db.Comment.Count(x => x.UserName.ToLower() == options.UserName && !x.IsAnonymized);
Assert.AreEqual(0, count, $"Comment {options.Comments.ToString()} setting found violations");
break;
case Domain.Models.DeleteOption.Delete:
count = db.Comment.Count(x => x.UserName.ToLower() == options.UserName.ToLower() && !x.IsDeleted);
Assert.AreEqual(0, count, $"Comment {options.Comments.ToString()} setting found violations");
break;
}
var checkSubmissions = new Action <string, Domain.Models.SubmissionType, Domain.Models.DeleteOption>((userName, submissionType, deleteSetting) =>
{
switch (deleteSetting)
{
case Domain.Models.DeleteOption.Anonymize:
count = db.Submission.Count(x => x.UserName.ToLower() == options.UserName.ToLower() && !x.IsAnonymized && x.Type == (int)submissionType);
Assert.AreEqual(0, count, $"{submissionType.ToString()} Submission {deleteSetting.ToString()} setting found violations");
break;
case Domain.Models.DeleteOption.Delete:
count = db.Submission.Count(x => x.UserName.ToLower() == options.UserName.ToLower() && !x.IsDeleted && x.Type == (int)submissionType);
Assert.AreEqual(0, count, $"{submissionType.ToString()} Submission {deleteSetting.ToString()} setting found violations");
break;
}
});
checkSubmissions(options.UserName, Domain.Models.SubmissionType.Text, options.TextSubmissions);
checkSubmissions(options.UserName, Domain.Models.SubmissionType.Link, options.LinkSubmissions);
//Check account VoatSettings.Instance.
using (var userManager = VoatUserManager.Create())
{
var userAccount = userManager.FindByName(options.UserName);
Assert.IsNotNull(userAccount, "Can't find user account using manager");
if (!String.IsNullOrEmpty(options.RecoveryEmailAddress))
{
//Verify recovery info
Assert.AreEqual(userAccount.Email, options.RecoveryEmailAddress);
Assert.IsNotNull(userAccount.LockoutEnd, "Lockout should be enabled");
Assert.IsTrue(userAccount.LockoutEnd.Value.Subtract(DateTime.UtcNow) >= TimeSpan.FromDays(89), "Lockout be set to roughly 90 days");
}
else
{
Assert.AreEqual(userAccount.Email, null);
Assert.IsNull(userAccount.LockoutEnd, "Lockout should not be enabled");
}
//Make sure password is reset
var passwordAccess = userManager.Find(options.UserName, options.CurrentPassword);
Assert.IsNull(passwordAccess, "Can access user account with old password");
}
var badgeToCheck = String.IsNullOrEmpty(options.RecoveryEmailAddress) ? "deleted" : "deleted2";
Assert.AreEqual(1, db.UserBadge.Count(x => x.UserName == options.UserName && x.BadgeID == badgeToCheck), "Can not find delete badge");
//Verify Bio and Avatar cleared
var prefs = db.UserPreference.Where(x => x.UserName.ToLower() == options.UserName.ToLower()).ToList();
foreach (var pref in prefs)
{
Assert.AreEqual(null, pref.Avatar, "Avatar not cleared");
Assert.AreEqual(null, pref.Bio, "Bio not cleared");
}
}
}