public void TestNegativeSCPSubmission()
{
var userName = "******";
//Create user
TestDataInitializer.CreateUser(userName, DateTime.UtcNow.AddDays(-450));
//Add submission with negatives directly to db
using (var context = new VoatDataContext())
{
var s = context.Submission.Add(new Submission()
{
CreationDate = DateTime.UtcNow.AddHours(-12),
Subverse = SUBVERSES.Unit,
Title = "Test Negative SCP",
Url = "https://www.youtube.com/watch?v=pnbJEg9r1o8",
Type = 2,
UpCount = 2,
DownCount = 13,
UserName = userName
});
context.SaveChanges();
}
var user = TestHelper.SetPrincipal(userName);
var userSubmission = new Domain.Models.UserSubmission()
{
Subverse = SUBVERSES.Unit, Title = "Le Censorship!", Content = "Will this work?"
};
var cmd = new CreateSubmissionCommand(userSubmission).SetUserContext(user);
var r = cmd.Execute().Result;
VoatAssert.IsValid(r);
}
protected override RuleOutcome EvaluateRule(VoatRuleContext context)
{
//bool isModerator = context.UserData.Information.Moderates.Any(x => x.Subverse.Equals(context.Subverse.Name, StringComparison.OrdinalIgnoreCase));
bool isModerator = ModeratorPermission.IsModerator(context.User, context.Subverse.Name, null);
// check posting quotas if user is posting to subs they do not moderate
if (!isModerator)
{
// reject if user has reached global daily submission quota
if (UserDailyGlobalPostingQuotaUsed(context))
{
return(CreateOutcome(RuleResult.Denied, "You have reached your daily global submission quota"));
}
// reject if user has reached global hourly submission quota
if (UserHourlyGlobalPostingQuotaUsed(context))
{
return(CreateOutcome(RuleResult.Denied, "You have reached your hourly global submission quota"));
}
// check if user has reached hourly posting quota for target subverse
if (UserHourlyPostingQuotaForSubUsed(context, context.Subverse.Name))
{
return(CreateOutcome(RuleResult.Denied, "You have reached your hourly submission quota for this subverse"));
}
// check if user has reached daily posting quota for target subverse
if (UserDailyPostingQuotaForSubUsed(context, context.Subverse.Name))
{
return(CreateOutcome(RuleResult.Denied, "You have reached your daily submission quota for this subverse"));
}
if (context.Subverse.IsAuthorizedOnly)
{
return(CreateOutcome(RuleResult.Denied, "You are not authorized to submit links or start discussions in this subverse. Please contact subverse moderators for authorization"));
}
}
Domain.Models.UserSubmission userSubmission = context.PropertyBag.UserSubmission;
if (userSubmission.Type == Domain.Models.SubmissionType.Link)
{
using (var repo = new Data.Repository())
{
int crossPostCount = repo.FindUserLinkSubmissionCount(context.UserName, userSubmission.Url, TimeSpan.FromDays(1));
if (crossPostCount >= VoatSettings.Instance.DailyCrossPostingQuota)
{
return(CreateOutcome(RuleResult.Denied, "You have reached your daily crossposting quota for this Url"));
}
}
//Old code
//if (UserHelper.DailyCrossPostingQuotaUsed(userName, submissionModel.Content))
//{
// // ABORT
// return ("You have reached your daily crossposting quota for this URL.");
//}
}
return(Allowed);
}
public static Domain.Models.Submission CreateSubmission(string userName, Domain.Models.UserSubmission submission)
{
var user = TestHelper.SetPrincipal(userName);
var cmd = new CreateSubmissionCommand(submission).SetUserContext(user);
var r = cmd.Execute().Result;
VoatAssert.IsValid(r);
Assert.AreNotEqual(0, r.Response.ID);
return(r.Response);
}
public void PreventPostingToDisabledSub()
{
var user = TestHelper.SetPrincipal("TestUser06");
var userSubmission = new Domain.Models.UserSubmission()
{
Subverse = SUBVERSES.Disabled, Title = "I am not paying attention", Content = "Why was this sub disabled?"
};
var cmd = new CreateSubmissionCommand(userSubmission).SetUserContext(user);
var r = cmd.Execute().Result;
VoatAssert.IsValid(r, Status.Denied);
Assert.AreEqual("Subverse is disabled", r.Message);
}
public void PreventUserFromPostingCompromisedTitle1()
{
var user = TestHelper.SetPrincipal("TestUser01");
var userSubmission = new Domain.Models.UserSubmission()
{
Subverse = SUBVERSES.Whatever, Title = "\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000", Content = "cookies"
};
var cmd = new CreateSubmissionCommand(userSubmission).SetUserContext(user);
var r = cmd.Execute().Result;
VoatAssert.IsValid(r, Status.Denied);
Assert.AreEqual(r.Message, "Submission title can not contain Unicode or unprintable characters");
}
public void PreventUserFromPostingToAuthorizedOnlySubverses()
{
var user = TestHelper.SetPrincipal("TestUser09");
var userSubmission = new Domain.Models.UserSubmission()
{
Subverse = SUBVERSES.AuthorizedOnly, Title = Guid.NewGuid().ToString(), Url = "http://www.digit.com/images/feelsgoodman.jpg"
};
var cmd = new CreateSubmissionCommand(userSubmission).SetUserContext(user);
var r = cmd.Execute().Result;
VoatAssert.IsValid(r, Status.Denied);
Assert.AreEqual(r.Message, "You are not authorized to submit links or start discussions in this subverse. Please contact subverse moderators for authorization");
}
public void PreventSubverseBannedUsers()
{
var user = TestHelper.SetPrincipal("BannedFromVUnit");
var userSubmission = new Domain.Models.UserSubmission()
{
Subverse = SUBVERSES.Unit, Title = Guid.NewGuid().ToString(), Url = "http://www.SuperAwesomeDomainName.com/images/feelsgoodman.jpg"
};
var cmd = new CreateSubmissionCommand(userSubmission).SetUserContext(user);
var r = cmd.Execute().Result;
VoatAssert.IsValid(r, Status.Denied);
Assert.AreEqual(r.Message, $"User is banned from v/{userSubmission.Subverse}");
}
public void PreventGlobalBannedUsers()
{
var user = TestHelper.SetPrincipal("BannedGlobally");
var userSubmission = new Domain.Models.UserSubmission()
{
Subverse = SUBVERSES.Unit, Title = Guid.NewGuid().ToString(), Url = "http://www.SendhelpImStuckInUnitTests.com/images/feelsgoodman.jpg"
};
var cmd = new CreateSubmissionCommand(userSubmission).SetUserContext(user);
var r = cmd.Execute().Result;
VoatAssert.IsValid(r, Status.Denied);
Assert.AreEqual(r.Message, "User is globally banned");
}
public void PreventPostingToDisabledSub()
{
TestHelper.SetPrincipal("TestUser6");
var userSubmission = new Domain.Models.UserSubmission()
{
Subverse = "disabled", Title = "I am not paying attention", Content = "Why was this sub disabled?"
};
var cmd = new CreateSubmissionCommand(userSubmission);
var r = cmd.Execute().Result;
Assert.IsNotNull(r, "Response was null");
Assert.IsFalse(r.Success, r.Message);
Assert.AreEqual(r.Message, "Subverse is disabled");
}
public void PreventUserFromPostingCompromisedTitle1()
{
TestHelper.SetPrincipal("TestUser1");
var userSubmission = new Domain.Models.UserSubmission()
{
Subverse = "whatever", Title = "\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000", Content = "cookies"
};
var cmd = new CreateSubmissionCommand(userSubmission);
var r = cmd.Execute().Result;
Assert.IsNotNull(r, "Response was null");
Assert.IsFalse(r.Success, r.Message);
Assert.AreEqual(r.Message, "Submission title can not contain Unicode or unprintable characters");
}
public void PreventUserFromPostingToAuthorizedOnlySubverses()
{
TestHelper.SetPrincipal("TestUser9");
var userSubmission = new Domain.Models.UserSubmission()
{
Subverse = "AuthorizedOnly", Title = Guid.NewGuid().ToString(), Url = "http://www.digit.com/images/feelsgoodman.jpg"
};
var cmd = new CreateSubmissionCommand(userSubmission);
var r = cmd.Execute().Result;
Assert.IsNotNull(r, "Response was null");
Assert.IsFalse(r.Success, r.Message);
Assert.AreEqual(r.Message, "You are not authorized to submit links or start discussions in this subverse. Please contact subverse moderators for authorization");
}
public void PreventSubverseBannedUsers()
{
TestHelper.SetPrincipal("BannedFromVUnit");
var userSubmission = new Domain.Models.UserSubmission()
{
Subverse = "unit", Title = Guid.NewGuid().ToString(), Url = "http://www.SuperAwesomeDomainName.com/images/feelsgoodman.jpg"
};
var cmd = new CreateSubmissionCommand(userSubmission);
var r = cmd.Execute().Result;
Assert.IsNotNull(r, "Response was null");
Assert.IsFalse(r.Success, r.Message);
Assert.AreEqual(r.Message, $"User is banned from v/{userSubmission.Subverse}");
}
public void PreventGlobalBannedUsers()
{
TestHelper.SetPrincipal("BannedGlobally");
var userSubmission = new Domain.Models.UserSubmission()
{
Subverse = "unit", Title = Guid.NewGuid().ToString(), Url = "http://www.SendhelpImStuckInUnitTests.com/images/feelsgoodman.jpg"
};
var cmd = new CreateSubmissionCommand(userSubmission);
var r = cmd.Execute().Result;
Assert.IsNotNull(r, "Response was null");
Assert.IsFalse(r.Success, r.Message);
Assert.AreEqual(r.Message, "User is globally banned");
}
public void CreateSubmission()
{
var userName = "******";
var user = TestHelper.SetPrincipal(userName);
var s = new Domain.Models.UserSubmission()
{
Subverse = SUBVERSES.Whatever, Title = "This is a title", Url = "http://www.yahoo.com"
};
var cmd = new CreateSubmissionCommand(s).SetUserContext(user);
var r = cmd.Execute().Result;
VoatAssert.IsValid(r);
Assert.IsNotNull(r.Response, "Expecting a non null response");
Assert.AreNotEqual(0, r.Response.ID);
Assert.AreEqual(userName, r.Response.UserName);
Assert.AreEqual(s.Subverse, r.Response.Subverse);
Assert.AreEqual(s.Title, r.Response.Title);
}
public void TestNegativeSCPSubmission()
{
var userName = "******";
//Create user
VoatDataInitializer.CreateUser(userName, DateTime.UtcNow.AddDays(-450));
//Add submission with negatives directly to db
using (var context = new voatEntities())
{
var s = context.Submissions.Add(new Submission()
{
CreationDate = DateTime.UtcNow.AddHours(-12),
Subverse = "unit",
Title = "Test Negative SCP",
Url = "https://www.youtube.com/watch?v=pnbJEg9r1o8",
Type = 2,
UpCount = 2,
DownCount = 13,
UserName = userName
});
context.SaveChanges();
}
TestHelper.SetPrincipal(userName);
var userSubmission = new Domain.Models.UserSubmission()
{
Subverse = "unit", Title = "Le Censorship!", Content = "Will this work?"
};
var cmd = new CreateSubmissionCommand(userSubmission);
var r = cmd.Execute().Result;
Assert.IsNotNull(r, "Response was null");
Assert.IsTrue(r.Success, r.Message);
}
public async Task <ActionResult> Submit(CreateSubmissionViewModel model)
{
//set this incase invalid submittal
var userData = UserData;
model.RequireCaptcha = userData.Information.CommentPoints.Sum < VoatSettings.Instance.MinimumCommentPointsForCaptchaSubmission && VoatSettings.Instance.CaptchaEnabled;
// abort if model state is invalid
if (!ModelState.IsValid)
{
PreventSpamAttribute.Reset(this.HttpContext);
return(View(model));
}
//Check Captcha
if (model.RequireCaptcha)
{
var captchaSuccess = await ReCaptchaUtility.Validate(Request);
if (!captchaSuccess)
{
ModelState.AddModelError(string.Empty, "Incorrect recaptcha answer");
return(View(model));
}
}
//new pipeline
var userSubmission = new Domain.Models.UserSubmission();
userSubmission.IsAdult = model.IsAdult;
userSubmission.IsAnonymized = model.IsAnonymized;
userSubmission.Subverse = model.Subverse.TrimSafe();
userSubmission.Title = model.Title.StripWhiteSpace();
userSubmission.Content = (model.Type == Domain.Models.SubmissionType.Text ? model.Content.TrimSafe() : null);
userSubmission.Url = (model.Type == Domain.Models.SubmissionType.Link ? model.Url.TrimSafe() : null);
var q = new CreateSubmissionCommand(userSubmission).SetUserContext(User);
var result = await q.Execute();
if (result.Success)
{
// redirect to comments section of newly posted submission
return(RedirectToRoute(
"SubverseCommentsWithSort_Short",
new
{
submissionID = result.Response.ID,
subverseName = result.Response.Subverse,
sort = (string)null
}
));
}
else
{
//Help formatting issues with unicode.
if (model.Title.ContainsUnicode())
{
model.Title = model.Title.StripUnicode();
ModelState.AddModelError(String.Empty, "Voat has strip searched your title and removed it's unicode. Please verify you approve of what you see.");
}
else
{
ModelState.AddModelError(string.Empty, result.DebugMessage());
}
PreventSpamAttribute.Reset(HttpContext);
return(View(model));
}
}