public void Test02SignUserInViaIdentityCookie()
{
FullInputContext context = new FullInputContext(true);
SignInSystem signInType = SignInSystem.Identity;
CallingUser user = new CallingUser(signInType, null, null, null, context.SiteList);
string cookie = TestUserAccounts.GetModeratorAccount.Cookie;
string policy = "http://identity/policies/dna/adult";
int siteID = 1;
Assert.IsTrue(user.IsUserSignedIn(cookie, policy, siteID, ""));
Assert.IsTrue(user.IsUserA(UserTypes.Moderator));
Assert.IsFalse(user.IsUserA(UserTypes.Editor));
}
public void Test02SignUserInViaIdentityCookie()
{
FullInputContext context = new FullInputContext("");
SignInSystem signInType = SignInSystem.Identity;
CallingUser user = new CallingUser(signInType, null, null, null, TestUserAccounts.GetModeratorAccount.UserName, context.SiteList);
string cookie = TestUserAccounts.GetModeratorAccount.Cookie;
string policy = "comment";
int siteID = 1;
Assert.IsTrue(user.IsUserSignedIn(cookie, policy, siteID, "", null, Guid.Empty));
Assert.IsTrue(user.IsUserA(UserTypes.Moderator));
Assert.IsFalse(user.IsUserA(UserTypes.Editor));
}
private Stream AddCallingUserToOutputStream(CallingUser user)
{
if (!user.IsSecureRequest)
{
user.IdentityUserID = "";
user.TeamID = 0;
user.TwitterUserID = "";
user.IdentityUserName = "";
user.LastSynchronisedDate = DateTime.Now;
}
return GetOutputStream(user);
}
private CallingUser GetCallingUserInfoInternal(string sitename)
{
var user = GetCallingUserInfoInternalFull(sitename);
var userWithLessDetail = new CallingUser(SignInSystem.Identity, null, null,null,null, null);
userWithLessDetail.UserID = user.UserID;
userWithLessDetail.UserName = user.UserName;
userWithLessDetail.UsersListOfGroups = user.UsersListOfGroups;
userWithLessDetail.Status = user.Status;
userWithLessDetail.SiteSuffix = user.SiteSuffix;
return userWithLessDetail;
}
public void Test03SignUserInAndAddThemToAcesGroup()
{
FullInputContext context = new FullInputContext(true);
SignInSystem signInType = SignInSystem.Identity;
CallingUser user = new CallingUser(signInType, context.ReaderCreator, null, null, context.SiteList);
string cookie = TestUserAccounts.GetModeratorAccount.Cookie;
string policy = "http://identity/policies/dna/adult";
int siteID = 1;
Assert.IsTrue(user.IsUserSignedIn(cookie, policy, siteID, ""));
Assert.IsTrue(user.IsUserA(UserTypes.Moderator));
Assert.IsFalse(user.GetUsersGroupsForSite().Exists(x => x.Name == "aces"));
Assert.IsTrue(user.AddUserToGroup("Aces"));
Assert.IsTrue(user.GetUsersGroupsForSite().Exists(x => x.Name == "aces"));
}
public void Test03SignUserInAndAddThemToAcesGroup()
{
FullInputContext context = new FullInputContext("dotnetmoderator");
SignInSystem signInType = SignInSystem.Identity;
CallingUser user = new CallingUser(signInType, context.ReaderCreator, null, null, TestUserAccounts.GetModeratorAccount.UserName, context.SiteList);
string cookie = TestUserAccounts.GetModeratorAccount.Cookie;
string policy = "comment";
int siteID = 1;
Assert.IsTrue(user.IsUserSignedIn(cookie, policy, siteID, TestUserAccounts.GetModeratorAccount.UserName, null, Guid.Empty));
Assert.IsTrue(user.IsUserA(UserTypes.Moderator));
Assert.IsFalse(user.GetUsersGroupsForSite().Exists(x => x.Name == "aces"));
Assert.IsTrue(user.AddUserToGroup("Aces"));
Assert.IsTrue(user.GetUsersGroupsForSite().Exists(x => x.Name.ToLower() == "aces"));
}
public void UserDoesNotGetsUDNGNameSetFromDisplayNameForNonKidsSiteUsingIDv4()
{
string cookie = "debugcookie";
string policy = "u16comments";
int siteID = 1;
string identityUserName = TestUserAccounts.GetNormalUserAccount.UserName;
string dnaUserName = "******";
string originalSiteSuffix = "OriginalSiteSuffix";
string ipAddress = "0.0.0.0";
Guid BBCUid = new Guid();
bool isKidsSite = false;
bool useIdV4 = true;
string useUDNG = "http://UDNG.bbc.co.uk";
ICacheManager mockedCacheManager;
IDnaDiagnostics mockedDiagnostics;
ISiteList mockedSiteList;
IDnaDataReaderCreator mockedCreator;
SetupCallingUserSenario(siteID, dnaUserName, originalSiteSuffix, isKidsSite, useIdV4, useUDNG, out mockedCacheManager, out mockedDiagnostics, out mockedSiteList, out mockedCreator);
_mocks.ReplayAll();
var bannedEmails = new BannedEmails(mockedCreator, mockedDiagnostics, mockedCacheManager, new List<string>(), new List<string>());
CallingUser callingUser = new CallingUser(SignInSystem.DebugIdentity, mockedCreator, mockedDiagnostics, null, identityUserName, mockedSiteList);
Assert.IsTrue(callingUser.IsUserSignedIn(cookie, policy, siteID, identityUserName, ipAddress, BBCUid));
Assert.AreNotEqual(originalSiteSuffix, callingUser.SiteSuffix);
Assert.AreNotEqual(identityUserName, callingUser.SiteSuffix);
}
public void CommentCreate_WithCharLimit_SuperUser()
{
//normal user
ICallingUser user = new CallingUser(SignInSystem.DebugIdentity, null, null, null, TestUserAccounts.GetSuperUserAccount.UserName, _siteList);
user.IsUserSignedInSecure(TestUtils.TestUserAccounts.GetSuperUserAccount.Cookie, TestUtils.TestUserAccounts.GetSuperUserAccount.SecureCookie, site.IdentityPolicy, site.SiteID, null, Guid.Empty);
bool shouldAssertCharLimit = false;
SetupforumAndTestCharLimit(user, shouldAssertCharLimit);
}
private static void SubsOnly(CallingUser callingUser)
{
bool authorised = callingUser.IsUserA(UserTypes.SubEditor) || callingUser.IsUserA(BBC.Dna.Users.UserTypes.Editor) || callingUser.IsUserA(BBC.Dna.Users.UserTypes.SuperUser);
if (!authorised)
{
throw new DnaWebProtocolException(ApiException.GetError(ErrorType.NotAuthorized));
}
}
private Article SaveArticle(ISite site, CallingUser callingUser, Article article, string siteName, bool isNewArticle, int h2g2Id)
{
// Check: does user have edit permission
if ((!isNewArticle) && !article.HasEditPermission(callingUser))
{
throw new DnaWebProtocolException(ApiException.GetError(ErrorType.UserDoesNotHavePermissionToEditArticle));
}
// Check: profanities
bool moderateProfanities = false;
string matchingProfanity;
List<Term> terms = null;
CheckForProfanities(site, article.Subject + " " + article.GuideMLAsString, out moderateProfanities, out matchingProfanity, out terms);
// Check: url filter
if ((siteList.GetSiteOptionValueBool(site.SiteID, "General", "IsURLFiltered")) && !((callingUser.IsUserA(UserTypes.Editor) || callingUser.IsUserA(UserTypes.Notable))))
{
List<string> nonAllowedMatches = new List<string>();
UrlFilter urlFilter = new UrlFilter();
UrlFilter.FilterState result = urlFilter.CheckForURLs(article.Subject + " " + article.GuideMLAsString, nonAllowedMatches, site.SiteID, readerCreator);
if (result == UrlFilter.FilterState.Fail)
{
throw new DnaWebProtocolException(ApiException.GetError(ErrorType.ArticleContainsURLs));
}
}
// Check: email filter
if ((siteList.GetSiteOptionValueBool(site.SiteID, "Forum", "EmailAddressFilter")) && !((callingUser.IsUserA(UserTypes.Editor) || callingUser.IsUserA(UserTypes.Notable))))
{
if (EmailAddressFilter.CheckForEmailAddresses(article.Subject + " " + article.GuideMLAsString))
{
throw new DnaWebProtocolException(ApiException.GetError(ErrorType.ArticleContainsEmailAddress));
}
}
if (isNewArticle)
{
article.CreateNewArticle(cacheManager, readerCreator, callingUser.UserID, site.SiteID);
//Users subscribed to this author should have their subscribed content updated.
callingUser.UpdateUserSubscriptions(readerCreator, article.H2g2Id);
}
else // existing article
{
//Don't overwrite the existing editor of the article
int editorId = 0;
try
{
editorId = article.ArticleInfo.PageAuthor.Editor.user.UserId;
if (editorId == 0)
{
editorId = callingUser.UserID;
}
}
catch
{
editorId = callingUser.UserID;
}
article.UpdateArticle(cacheManager, readerCreator, editorId);
}
// set the archive status
if (callingUser.IsUserA(UserTypes.Editor))
{
article.SetArticleForumArchiveStatus(readerCreator, false);
}
// moderate isUserImmuneFromModeration needed
bool isSiteModerated = !(site.ModerationStatus == BBC.Dna.Moderation.Utils.ModerationStatus.SiteStatus.UnMod);
bool isUserModerated = (callingUser.IsPreModerated || callingUser.IsPostModerated);
bool isArticleModerated = ((article.ArticleInfo.ModerationStatus == BBC.Dna.Moderation.Utils.ModerationStatus.ArticleStatus.PreMod) || article.ArticleInfo.ModerationStatus == BBC.Dna.Moderation.Utils.ModerationStatus.ArticleStatus.PostMod);
bool isArticleInModeration = article.IsArticleIsInModeration(readerCreator);
bool isUserInSinbin = (callingUser.IsAutoSinBin == 1);
bool isUserImmuneFromModeration = callingUser.HasSpecialEditPermissions(article.H2g2Id);
// Queue, update moderation status and hide the guide entry.
int modID = 0;
if (!isUserImmuneFromModeration)
{
if (isSiteModerated || isUserModerated || isArticleModerated || isArticleInModeration || moderateProfanities || isUserInSinbin)
{
if (!String.IsNullOrEmpty(matchingProfanity)) { matchingProfanity = "Profanities: " + matchingProfanity; }
article.QueueForModeration(readerCreator, matchingProfanity, ref modID);
}
}
if (article.HiddenStatus == (int)BBC.Dna.Moderation.Utils.CommentStatus.Hidden.NotHidden)
{
//visible
article.UnhideArticle(readerCreator, 0, 0, callingUser.UserID);
}
else
{
// hidden
article.HideArticle(readerCreator, 0, 0, callingUser.UserID);
}
article.UpdateResearchers(readerCreator);
return article;
}
public void Test04CheckSignedInNormalUserBelongsToTheCorrectGroups()
{
FullInputContext context = new FullInputContext(true);
SignInSystem signInType = SignInSystem.Identity;
CallingUser user = new CallingUser(signInType, null, null, null, context.SiteList);
string cookie = TestUserAccounts.GetNormalUserAccount.Cookie;
string policy = "http://identity/policies/dna/adult";
int siteID = 1;
Assert.IsTrue(user.IsUserSignedIn(cookie, policy, siteID, ""));
Assert.IsTrue(user.IsUserA(UserTypes.NormalUser), "User should be a normal user");
Assert.IsFalse(user.IsUserA(UserTypes.SuperUser), "User should not be a super user");
Assert.IsFalse(user.IsUserA(UserTypes.Moderator), "User should not be a moderator");
Assert.IsFalse(user.IsUserA(UserTypes.Editor), "User should not be a editor");
Assert.IsFalse(user.IsUserA(UserTypes.Notable), "User should not be a notable");
}
/// <summary>
/// gets the calling user or uses the notsignedin forum user
/// </summary>
/// <param name="site"></param>
/// <param name="forum"></param>
/// <returns></returns>
protected CallingUser GetCallingUserOrNotSignedInUser(ISite site, Forum forum)
{
CallingUser callingUser = null;
bool userSignedIn = false;
if (site != null)
{
if (String.IsNullOrEmpty(site.IdentityPolicy))
{
callingUser = new CallingUser(SignInSystem.SSO, readerCreator, dnaDiagnostic, cacheManager, debugDnaUserId, siteList);
userSignedIn = callingUser.IsUserSignedIn(QueryStringHelper.GetCookieValueAsString("SSO2-UID", ""), site.SSOService, site.SiteID, "", _iPAddress, bbcUidCookie);
}
else
{
callingUser = new CallingUser(SignInSystem.Identity, readerCreator, dnaDiagnostic, cacheManager, debugDnaUserId, siteList);
userSignedIn = callingUser.IsUserSignedInSecure(QueryStringHelper.GetCookieValueAsString("IDENTITY", ""), QueryStringHelper.GetCookieValueAsString("IDENTITY-HTTPS", ""), site.IdentityPolicy, site.SiteID, _iPAddress, bbcUidCookie);
}
// Check to see if we've got a user who's signed in, but not logged in. This usualy means they haven't agreed T&Cs
if (callingUser.GetSigninStatus == CallingUser.SigninStatus.SignedInNotLoggedIn)
{
throw new DnaWebProtocolException(new ApiException(site.IdentityPolicy, ErrorType.FailedTermsAndConditions));
}
}
if ((callingUser == null || !userSignedIn) && (forum.allowNotSignedInCommenting && forum.NotSignedInUserId != 0))
{
userSignedIn = callingUser.CreateUserFromDnaUserID(forum.NotSignedInUserId, site.SiteID);
}
if (callingUser == null || !userSignedIn)
{
throw new DnaWebProtocolException(ApiException.GetError(ErrorType.MissingUserCredentials));
}
return callingUser;
}
public void Test07CheckSignedInModeratorBelongsToTheCorrectGroups()
{
FullInputContext context = new FullInputContext("");
SignInSystem signInType = SignInSystem.Identity;
CallingUser user = new CallingUser(signInType, null, null, null, TestUserAccounts.GetModeratorAccount.UserName, context.SiteList);
string cookie = TestUserAccounts.GetModeratorAccount.Cookie;
string policy = "comment";
int siteID = 1;
Assert.IsTrue(user.IsUserSignedIn(cookie, policy, siteID, "", null, Guid.Empty));
Assert.IsTrue(user.IsUserA(UserTypes.NormalUser), "User should be a normal user");
Assert.IsFalse(user.IsUserA(UserTypes.SuperUser), "User should not be a super user");
Assert.IsTrue(user.IsUserA(UserTypes.Moderator), "User should be a moderator");
Assert.IsFalse(user.IsUserA(UserTypes.Editor), "User should not be a editor");
Assert.IsFalse(user.IsUserA(UserTypes.Notable), "User should not be a notable");
}
