public async Task ExpiredTokenIsUnauthorizedPresecurity(int value)
{
var accessMock = new Mock <IRepository <AccessTokenSchema> >();
var result = new Task <AccessTokenSchema>(() =>
{
return(new AccessTokenSchema
{
InternalId = ObjectId.GenerateNewId(),
Hash = string.Empty,
User = ObjectId.GenerateNewId(),
CreatedAt = new BsonDateTime(DateTime.UtcNow.AddSeconds(-value)),
Role = RoleOptions.Admin,
});
});
result.Start();
accessMock.Setup(a => a.FindOne(It.IsAny <FilterDefinition <AccessTokenSchema> >()))
.Returns(result)
.Verifiable();
var client = CustomHost.Create(accessMock);
var request = CustomRequest.Create(HttpMethod.Post, "/authentication/signUps/", false);
request.Headers.TryAddWithoutValidation("Cookie", "ExperienceCapture-Access-Token=" + "ok");
var response = await client.SendAsync(request);
Assert.True(
response.StatusCode == HttpStatusCode.Unauthorized,
"Triggering pre-security with an expired token is not unauthorized.");
}
public async Task MultipleRoutesPostSignUp(string input)
{
var accessMock = new Mock <IRepository <AccessTokenSchema> >();
var result = new Task <AccessTokenSchema>(() =>
{
return(new AccessTokenSchema
{
CreatedAt = new BsonDateTime(DateTime.UtcNow),
Role = RoleOptions.Admin,
});
});
result.Start();
accessMock.Setup(a => a.FindOne(It.IsAny <FilterDefinition <AccessTokenSchema> >()))
.Returns(result)
.Verifiable();
var client = CustomHost.Create(accessMock);
var request = CustomRequest.Create(HttpMethod.Post, $"/authentication/signUps{input}");
var response = await client.SendAsync(request);
response.EnsureSuccessStatusCode();
}
public async Task MultiplePathsAcceptedGetExport(string input)
{
var sessionMock = new Mock <IRepository <SessionSchema> >();
var result = new Task <SessionSchema>(() =>
{
return(new SessionSchema
{
InternalId = null,
Id = null,
User = null,
CreatedAt = null,
Tags = null,
ExportState = ExportOptions.Done,
});
});
result.Start();
sessionMock.Setup(a => a.FindById(It.IsAny <string>()))
.Returns(result)
.Verifiable("A session was never searched for.");
var client = CustomHost.Create(sessionMock: sessionMock);
var request = CustomRequest.Create(HttpMethod.Get, $"/sessions/EXEX/export{input}");
var response = await client.SendAsync(request);
response.EnsureSuccessStatusCode();
}
public async Task AnyStringIsAllowedPostTag(string value)
{
var sessionMock = new Mock <IRepository <SessionSchema> >();
var result = new Task <SessionSchema>(() =>
{
return(new SessionSchema
{
InternalId = ObjectId.GenerateNewId(),
Id = string.Empty,
User = null,
CreatedAt = new BsonDateTime(DateTime.UtcNow),
Tags = new List <string>(),
});
});
result.Start();
sessionMock.Setup(s => s.FindById(It.IsAny <string>()))
.Returns(result)
.Verifiable("A session was never searched for.");
var client = CustomHost.Create(sessionMock: sessionMock);
var request = CustomRequest.Create(HttpMethod.Post, $"/sessions/EXEX/tags/{value}");
var response = await client.SendAsync(request);
response.EnsureSuccessStatusCode();
}
public async Task EmptyTagIsNotFoundPostTags()
{
var sessionMock = new Mock <IRepository <SessionSchema> >();
var result = new Task <SessionSchema>(() =>
{
return(new SessionSchema
{
InternalId = ObjectId.GenerateNewId(),
Id = string.Empty,
User = null,
CreatedAt = new BsonDateTime(DateTime.UtcNow),
Tags = new List <string>(),
});
});
result.Start();
sessionMock.Setup(s => s.FindById(It.IsAny <string>()))
.Returns(result)
.Verifiable("A session was never searched for.");
var client = CustomHost.Create(sessionMock: sessionMock);
var request = CustomRequest.Create(HttpMethod.Post, $"/sessions/EXEX/tags/");
var response = await client.SendAsync(request);
Assert.True(
response.StatusCode == HttpStatusCode.NotFound,
"Tagging a an empty is not 'not found'.");
}
public async Task UpdateIsCalledDeleteTag()
{
var sessionMock = new Mock <IRepository <SessionSchema> >();
var result = new Task <SessionSchema>(() =>
{
return(new SessionSchema
{
InternalId = ObjectId.GenerateNewId(),
Id = string.Empty,
User = null,
CreatedAt = new BsonDateTime(DateTime.UtcNow),
Tags = new List <string>(),
});
});
result.Start();
sessionMock.Setup(s => s.FindById(It.IsAny <string>()))
.Returns(result)
.Verifiable("A session was never searched for.");
// For some reason Verify() doesn't work
sessionMock.Setup(
s => s.Update(
It.IsAny <FilterDefinition <SessionSchema> >(),
It.IsAny <UpdateDefinition <SessionSchema> >()))
.Verifiable("A session was never updated.");
var client = CustomHost.Create(sessionMock: sessionMock);
var request = CustomRequest.Create(HttpMethod.Delete, $"/sessions/EXEX/tags/test");
var response = await client.SendAsync(request);
response.EnsureSuccessStatusCode();
}
public async Task ResponceExpirationIsInTheFuturePostSignUp()
{
var now = new BsonDateTime(DateTime.UtcNow);
var accessMock = new Mock <IRepository <AccessTokenSchema> >();
var result = new Task <AccessTokenSchema>(() =>
{
return(new AccessTokenSchema
{
CreatedAt = new BsonDateTime(DateTime.UtcNow),
Role = RoleOptions.Admin,
});
});
result.Start();
accessMock.Setup(a => a.FindOne(It.IsAny <FilterDefinition <AccessTokenSchema> >()))
.Returns(result)
.Verifiable();
var client = CustomHost.Create(accessMock);
var request = CustomRequest.Create(HttpMethod.Post, "/authentication/signUps");
var response = await client.SendAsync(request);
response.EnsureSuccessStatusCode();
var body = await response.Content.ReadAsStringAsync();
var data = BsonSerializer.Deserialize <SignUpTokenResponce>(body);
Assert.True(data.Expiration > now, "SignUp expiration data is before the current time.");
}
public StoreTests()
: base(
"Store\\Common.ps1",
"Store\\StoreTests.ps1")
{
customHost = new CustomHost();
}
public async Task CorrectContentGetExport()
{
var sessionMock = new Mock <IRepository <SessionSchema> >();
var result = new Task <SessionSchema>(() =>
{
return(new SessionSchema
{
InternalId = null,
Id = null,
User = null,
CreatedAt = null,
Tags = null,
ExportState = ExportOptions.Done,
});
});
result.Start();
sessionMock.Setup(a => a.FindById(It.IsAny <string>()))
.Returns(result)
.Verifiable("A session was never searched for.");
var client = CustomHost.Create(sessionMock: sessionMock);
var request = CustomRequest.Create(HttpMethod.Get, "/sessions/EXEX/export");
var response = await client.SendAsync(request);
response.EnsureSuccessStatusCode();
Assert.Equal(
"application/zip",
response.Content.Headers.ContentType.ToString());
}
public async Task UpdateIsCalledPostExport()
{
var sessionMock = new Mock <IRepository <SessionSchema> >();
var result = new Task <SessionSchema>(() =>
{
return(new SessionSchema
{
InternalId = null,
Id = null,
User = null,
CreatedAt = null,
Tags = null,
});
});
result.Start();
sessionMock.Setup(s => s.FindById(It.IsAny <string>()))
.Returns(result)
.Verifiable("A session was never searched for.");
sessionMock.Setup(s => s.Update(
It.IsAny <FilterDefinition <SessionSchema> >(),
It.IsAny <UpdateDefinition <SessionSchema> >()))
.Verifiable("A session was never updated for.");
var client = CustomHost.Create(sessionMock: sessionMock);
var request = CustomRequest.Create(HttpMethod.Post, "/sessions/EXEX/export");
var response = await client.SendAsync(request);
response.EnsureSuccessStatusCode();
}
public async Task IsBrokenGetExport()
{
var sessionMock = new Mock <IRepository <SessionSchema> >();
var result = new Task <SessionSchema>(() =>
{
return(new SessionSchema
{
InternalId = null,
Id = null,
User = null,
CreatedAt = null,
Tags = null,
ExportState = ExportOptions.Error,
});
});
result.Start();
sessionMock.Setup(a => a.FindById(It.IsAny <string>()))
.Returns(result)
.Verifiable("A session was never searched for.");
var client = CustomHost.Create(sessionMock: sessionMock);
var request = CustomRequest.Create(HttpMethod.Get, "/sessions/EXEX/export");
var response = await client.SendAsync(request);
Assert.True(
response.StatusCode == HttpStatusCode.InternalServerError,
"Getting export is not 'internal server error'.");
}
public async Task OtherMethodsSignUp(string input)
{
var client = CustomHost.Create();
var requestPut = CustomRequest.Create(HttpMethod.Put, $"/authentication/signUps{input}");
var responsePut = await client.SendAsync(requestPut);
Assert.True(
responsePut.StatusCode == HttpStatusCode.MethodNotAllowed,
"Putting SignUp is an allowed method.");
var requestPatch = CustomRequest.Create(HttpMethod.Patch, $"/authentication/signUps{input}");
var responsePatch = await client.SendAsync(requestPatch);
Assert.True(
responsePatch.StatusCode == HttpStatusCode.MethodNotAllowed,
"Patching SignUp is an allowed method.");
var requestGet = CustomRequest.Create(HttpMethod.Get, $"/authentication/signUps{input}");
var responseGet = await client.SendAsync(requestGet);
Assert.True(
responseGet.StatusCode == HttpStatusCode.MethodNotAllowed,
"Gettings SignUp is an allowed method.");
var requestDelete = CustomRequest.Create(HttpMethod.Delete, $"/authentication/signUps{input}");
var responseDelete = await client.SendAsync(requestDelete);
Assert.True(
responseDelete.StatusCode == HttpStatusCode.MethodNotAllowed,
"Deleting SignUp is an allowed method.");
}
public async Task BsonTypeIsCorrect()
{
var sessionMock = new Mock <IRepository <SessionSchema> >();
var result = new Task <SessionSchema>(() =>
{
return(new SessionSchema()
{
User = new PersonSchema
{
},
});
});
result.Start();
sessionMock.Setup(s => s.FindById(It.IsAny <string>()))
.Returns(result)
.Verifiable("A session was never searched for.");
var client = CustomHost.Create(sessionMock: sessionMock);
var request = CustomRequest.Create(HttpMethod.Get, "/sessions/EXEX?bson=true");
var response = await client.SendAsync(request);
Assert.Equal(
"application/bson",
response.Content.Headers.ContentType.ToString());
}
public async Task BadAccessTokenIsUnauthorizedPresecurity(string value)
{
var accessMock = new Mock <IRepository <AccessTokenSchema> >();
var result = new Task <AccessTokenSchema>(() =>
{
return(null);
});
result.Start();
accessMock.Setup(a => a.FindOne(It.IsAny <FilterDefinition <AccessTokenSchema> >()))
.Returns(result)
.Verifiable();
var client = CustomHost.Create(accessMock);
var request = CustomRequest.Create(HttpMethod.Post, "/authentication/signUps/", false);
request.Headers.TryAddWithoutValidation("Cookie", "ExperienceCapture-Access-Token=" + value);
var response = await client.SendAsync(request);
Assert.True(
response.StatusCode == HttpStatusCode.Unauthorized,
"Triggering pre-security with a bad token is not unauthorized.");
}
public async Task OtherMethodsExport(string input)
{
var client = CustomHost.Create();
var requestPut = CustomRequest.Create(HttpMethod.Put, $"/sessions/EXEX/export{input}");
var responsePut = await client.SendAsync(requestPut);
Assert.True(
responsePut.StatusCode == HttpStatusCode.MethodNotAllowed,
"Putting export is an allowed method.");
var requestPatch = CustomRequest.Create(HttpMethod.Patch, $"/sessions/EXEX/export{input}");
var responsePatch = await client.SendAsync(requestPatch);
Assert.True(
responsePatch.StatusCode == HttpStatusCode.MethodNotAllowed,
"Patching export is an allowed method.");
var requestDelete = CustomRequest.Create(HttpMethod.Patch, $"/sessions/EXEX/export{input}");
var responseDelete = await client.SendAsync(requestDelete);
Assert.True(
responseDelete.StatusCode == HttpStatusCode.MethodNotAllowed,
"Deleting export is an allowed method.");
}
public async Task ResponceIsOkDeleteTags()
{
var sessionMock = new Mock <IRepository <SessionSchema> >();
var result = new Task <SessionSchema>(() =>
{
return(new SessionSchema
{
InternalId = ObjectId.GenerateNewId(),
Id = string.Empty,
User = null,
CreatedAt = new BsonDateTime(DateTime.UtcNow),
Tags = new List <string>(),
});
});
result.Start();
sessionMock.Setup(s => s.FindById(It.IsAny <string>()))
.Returns(result)
.Verifiable("A session was never searched for.");
var client = CustomHost.Create(sessionMock: sessionMock);
var request = CustomRequest.Create(HttpMethod.Delete, $"/sessions/EXEX/tags/test");
var response = await client.SendAsync(request);
response.EnsureSuccessStatusCode();
Assert.Equal(
"text/plain; charset=utf-8",
response.Content.Headers.ContentType.ToString());
Assert.True(
await response.Content.ReadAsStringAsync() == "OK",
"Tagging does not have a body of 'OK'.");
}
public async Task ResponceIsValidBsonPostSignUp(string input)
{
var accessMock = new Mock <IRepository <AccessTokenSchema> >();
var result = new Task <AccessTokenSchema>(() =>
{
return(new AccessTokenSchema
{
CreatedAt = new BsonDateTime(DateTime.UtcNow),
Role = RoleOptions.Admin,
});
});
result.Start();
accessMock.Setup(a => a.FindOne(It.IsAny <FilterDefinition <AccessTokenSchema> >()))
.Returns(result)
.Verifiable();
var client = CustomHost.Create(accessMock);
var request = CustomRequest.Create(HttpMethod.Post, $"/authentication/signUps{input}bson=true");
var response = await client.SendAsync(request);
response.EnsureSuccessStatusCode();
var body = await response.Content.ReadAsByteArrayAsync();
var data = BsonSerializer.Deserialize <SignUpTokenResponce>(body);
Assert.False(data == null, "SignUp data is null.");
Assert.False(data.SignUpToken == null, "SignUp token data is null.");
Assert.False(data.SignUpToken == string.Empty, "SignUp token data is empty.");
Assert.False(data.Expiration == null, "SignUp expiration data is null.");
}
public async Task AddIsCalledPostSignUp()
{
var accessMock = new Mock <IRepository <AccessTokenSchema> >();
var result = new Task <AccessTokenSchema>(() =>
{
return(new AccessTokenSchema
{
InternalId = ObjectId.GenerateNewId(),
Hash = string.Empty,
User = ObjectId.GenerateNewId(),
// A day so the token can't expire while running
CreatedAt = new BsonDateTime(DateTime.UtcNow.AddSeconds(86400)),
Role = RoleOptions.Admin,
});
});
result.Start();
accessMock.Setup(a => a.FindOne(It.IsAny <FilterDefinition <AccessTokenSchema> >()))
.Returns(result);
accessMock.Setup(s => s.Add(It.IsAny <AccessTokenSchema>()))
.Verifiable("An access token is never added.");
var client = CustomHost.Create(accessMock: accessMock);
var request = CustomRequest.Create(HttpMethod.Post, "/authentication/signUps");
var response = await client.SendAsync(request);
response.EnsureSuccessStatusCode();
}
public async Task IsOkIfFoundPostExport()
{
var sessionMock = new Mock <IRepository <SessionSchema> >();
var result = new Task <SessionSchema>(() =>
{
return(new SessionSchema
{
InternalId = null,
Id = null,
User = null,
CreatedAt = null,
Tags = null,
});
});
result.Start();
sessionMock.Setup(a => a.FindById(It.IsAny <string>()))
.Returns(result)
.Verifiable("A session was never searched for.");
var client = CustomHost.Create(sessionMock: sessionMock);
var request = CustomRequest.Create(HttpMethod.Post, "/sessions/EXEX/export");
var response = await client.SendAsync(request);
response.EnsureSuccessStatusCode();
var body = await response.Content.ReadAsStringAsync();
Assert.True(
body == "OK",
"Posting export responce is not 'OK'.");
}
public StoreTests()
: base(
"Store\\Common.ps1",
"Store\\StoreTests.ps1")
{
customHost = new CustomHost();
}
public async Task IsNotFoundPostExport()
{
var client = CustomHost.Create();
var request = CustomRequest.Create(HttpMethod.Post, "/sessions/EXEX/export");
var response = await client.SendAsync(request);
Assert.True(
response.StatusCode == HttpStatusCode.NotFound,
"Posting an export missing session is not 'not found'.");
}
public async Task RequiresAccessPostExport()
{
var client = CustomHost.Create();
var request = CustomRequest.Create(HttpMethod.Post, "/sessions/EXEX/export", false);
var response = await client.SendAsync(request);
Assert.True(
response.StatusCode == HttpStatusCode.BadRequest,
"Posting an export is a bad request without access token.");
}
public async Task MissingUserIsNotFoundGetUser()
{
var client = CustomHost.Create();
var request = CustomRequest.Create(HttpMethod.Get, "/users/1234567890987654321/", false);
var response = await client.SendAsync(request);
Assert.True(
response.StatusCode == HttpStatusCode.BadRequest,
"Getting a user is not 'not found' when missing.");
}
public async Task RequiresAccessPostSignUp()
{
var client = CustomHost.Create();
var request = CustomRequest.Create(HttpMethod.Post, "/authentication/signUps", false);
var response = await client.SendAsync(request);
Assert.True(
response.StatusCode == HttpStatusCode.BadRequest,
"Creating a sign-up token is a not bad request without access token.");
}
public async Task RequiresAccessDeleteTag()
{
var client = CustomHost.Create();
var request = CustomRequest.Create(HttpMethod.Post, "/sessions/EXEX/tags/test", false);
var response = await client.SendAsync(request);
Assert.True(
response.StatusCode == HttpStatusCode.BadRequest,
"Tagging is a bad request without token.");
}
public async Task RequiresAccessGetUser()
{
var client = CustomHost.Create();
var request = CustomRequest.Create(HttpMethod.Get, "/users/1234567890987654321/", false);
var response = await client.SendAsync(request);
Assert.True(
response.StatusCode == HttpStatusCode.BadRequest,
"Getting a user is not a bad request without access token.");
}
private void DoRun(IEnumerable <DbSchema.Table> tables, IEnumerable <string> files)
{
const string FILE_NAME_KEY = "FILE_NAME";
var engine = new Engine();
var host = new CustomHost();
var basePath = OUTPUT_DIR;
foreach (var path in files)
{
var content = File.ReadAllText(path);
var templateName = Path.GetFileName(path);
Trace.WriteLine(Localization.Template + templateName);
foreach (var table in tables)
{
host.TemplateFile = path;
host.Table = table;
var outputPath = GetOutputPath(table, basePath);
host.SetValue("OutputPath", outputPath);
Trace.WriteLine(String.Format(Localization.Generate_Table, host.Table.Name, templateName, outputPath));
var result = engine.ProcessTemplate(content, host);
if (string.IsNullOrWhiteSpace(result))
{
Trace.WriteLine(String.Format(Localization.Finish_Generate_Empty, host.Table.DisplayName));
continue;
}
var fileName = host.GetValue(FILE_NAME_KEY) as String;
if (string.IsNullOrWhiteSpace(fileName))
{
fileName = host.Table.DisplayName;
}
else
{
host.SetValue(FILE_NAME_KEY, null);
}
var targetPath = Path.Combine(outputPath, fileName + host.FileExtension);
File.WriteAllText(targetPath, result, new UTF8Encoding(true));
Trace.WriteLine(String.Format(Localization.Finish_Generate, host.Table.DisplayName));
}
}
var outputBasePath = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, basePath);
Trace.WriteLine(Localization.Finished);
//BuildThriftCodeAsync(outputBasePath);
}
public async Task NoCookieIsBadPreSecurity()
{
var client = CustomHost.Create();
var stringContent = new StringContent(string.Empty, Encoding.UTF8, "application/json");
var response = await client.PostAsync("/authentication/signUps/", stringContent);
Assert.True(
response.StatusCode == HttpStatusCode.BadRequest,
"Triggering pre-security without a token is not bad.");
}
public async Task IllegalUrlIsNotFoundDelete(string input)
{
var client = CustomHost.Create();
var request = CustomRequest.Create(HttpMethod.Delete, input);
var response = await client.SendAsync(request);
Assert.True(
response.StatusCode == HttpStatusCode.NotFound,
$"The following illegal url is allowed: {input}");
}
public override void TestSetup()
{
base.TestSetup();
customHost = new CustomHost();
expectedDefaultChoices = new List<int>();
promptChoices = new List<int>();
expectedPromptMessages = new List<string>();
expectedPromptCaptions = new List<string>();
defaultAnswer = PromptAnswer.Yes;
powershell.ImportCredentials(StoreCredentialFile);
powershell.AddScript(string.Format("Select-AzureSubscription -Default {0}", StoreSubscriptionName));
}
public override void TestSetup()
{
base.TestSetup();
customHost = new CustomHost();
expectedDefaultChoices = new List <int>();
promptChoices = new List <int>();
expectedPromptMessages = new List <string>();
expectedPromptCaptions = new List <string>();
defaultAnswer = PromptAnswer.Yes;
powershell.ImportCredentials(StoreCredentialFile);
powershell.AddScript(string.Format("Select-AzureSubscription -Default {0}", StoreSubscriptionName));
}
public async Task ContentLengthIsCorrectGetExport()
{
var sessionMock = new Mock <IRepository <SessionSchema> >();
var result = new Task <SessionSchema>(() =>
{
return(new SessionSchema
{
InternalId = null,
Id = null,
User = null,
CreatedAt = null,
Tags = null,
ExportState = ExportOptions.Done,
});
});
result.Start();
sessionMock.Setup(a => a.FindById(It.IsAny <string>()))
.Returns(result)
.Verifiable("A session was never searched for.");
var minioMock = new Mock <IMinioClient>();
UTF8Encoding utf8 = new UTF8Encoding();
var content = "test";
var bytes = new Task <byte[]>(() =>
{
return(utf8.GetBytes(content));
});
bytes.Start();
minioMock.Setup(m => m.GetBytesAsync(
It.IsAny <string>(),
It.IsAny <string>()))
.Returns(bytes)
.Verifiable("Export did not call GetBytesAsync.");
var client = CustomHost.Create(sessionMock: sessionMock, objectStoreMock: minioMock);
var request = CustomRequest.Create(HttpMethod.Get, "/sessions/EXEX/export");
var response = await client.SendAsync(request);
response.EnsureSuccessStatusCode();
var body = await response.Content.ReadAsByteArrayAsync();
Assert.True(
body.Length == utf8.GetBytes(content).Length,
"The Content-Length header has a different length from the content.");
}
