public void TestNegativeSCPSubmission() { var userName = "******"; //Create user TestDataInitializer.CreateUser(userName, DateTime.UtcNow.AddDays(-450)); //Add submission with negatives directly to db using (var context = new VoatDataContext()) { var s = context.Submission.Add(new Submission() { CreationDate = DateTime.UtcNow.AddHours(-12), Subverse = SUBVERSES.Unit, Title = "Test Negative SCP", Url = "https://www.youtube.com/watch?v=pnbJEg9r1o8", Type = 2, UpCount = 2, DownCount = 13, UserName = userName }); context.SaveChanges(); } var user = TestHelper.SetPrincipal(userName); var userSubmission = new Domain.Models.UserSubmission() { Subverse = SUBVERSES.Unit, Title = "Le Censorship!", Content = "Will this work?" }; var cmd = new CreateSubmissionCommand(userSubmission).SetUserContext(user); var r = cmd.Execute().Result; VoatAssert.IsValid(r); }
protected override RuleOutcome EvaluateRule(VoatRuleContext context) { //bool isModerator = context.UserData.Information.Moderates.Any(x => x.Subverse.Equals(context.Subverse.Name, StringComparison.OrdinalIgnoreCase)); bool isModerator = ModeratorPermission.IsModerator(context.User, context.Subverse.Name, null); // check posting quotas if user is posting to subs they do not moderate if (!isModerator) { // reject if user has reached global daily submission quota if (UserDailyGlobalPostingQuotaUsed(context)) { return(CreateOutcome(RuleResult.Denied, "You have reached your daily global submission quota")); } // reject if user has reached global hourly submission quota if (UserHourlyGlobalPostingQuotaUsed(context)) { return(CreateOutcome(RuleResult.Denied, "You have reached your hourly global submission quota")); } // check if user has reached hourly posting quota for target subverse if (UserHourlyPostingQuotaForSubUsed(context, context.Subverse.Name)) { return(CreateOutcome(RuleResult.Denied, "You have reached your hourly submission quota for this subverse")); } // check if user has reached daily posting quota for target subverse if (UserDailyPostingQuotaForSubUsed(context, context.Subverse.Name)) { return(CreateOutcome(RuleResult.Denied, "You have reached your daily submission quota for this subverse")); } if (context.Subverse.IsAuthorizedOnly) { return(CreateOutcome(RuleResult.Denied, "You are not authorized to submit links or start discussions in this subverse. Please contact subverse moderators for authorization")); } } Domain.Models.UserSubmission userSubmission = context.PropertyBag.UserSubmission; if (userSubmission.Type == Domain.Models.SubmissionType.Link) { using (var repo = new Data.Repository()) { int crossPostCount = repo.FindUserLinkSubmissionCount(context.UserName, userSubmission.Url, TimeSpan.FromDays(1)); if (crossPostCount >= VoatSettings.Instance.DailyCrossPostingQuota) { return(CreateOutcome(RuleResult.Denied, "You have reached your daily crossposting quota for this Url")); } } //Old code //if (UserHelper.DailyCrossPostingQuotaUsed(userName, submissionModel.Content)) //{ // // ABORT // return ("You have reached your daily crossposting quota for this URL."); //} } return(Allowed); }
public static Domain.Models.Submission CreateSubmission(string userName, Domain.Models.UserSubmission submission) { var user = TestHelper.SetPrincipal(userName); var cmd = new CreateSubmissionCommand(submission).SetUserContext(user); var r = cmd.Execute().Result; VoatAssert.IsValid(r); Assert.AreNotEqual(0, r.Response.ID); return(r.Response); }
public void PreventPostingToDisabledSub() { var user = TestHelper.SetPrincipal("TestUser06"); var userSubmission = new Domain.Models.UserSubmission() { Subverse = SUBVERSES.Disabled, Title = "I am not paying attention", Content = "Why was this sub disabled?" }; var cmd = new CreateSubmissionCommand(userSubmission).SetUserContext(user); var r = cmd.Execute().Result; VoatAssert.IsValid(r, Status.Denied); Assert.AreEqual("Subverse is disabled", r.Message); }
public void PreventUserFromPostingCompromisedTitle1() { var user = TestHelper.SetPrincipal("TestUser01"); var userSubmission = new Domain.Models.UserSubmission() { Subverse = SUBVERSES.Whatever, Title = "\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000", Content = "cookies" }; var cmd = new CreateSubmissionCommand(userSubmission).SetUserContext(user); var r = cmd.Execute().Result; VoatAssert.IsValid(r, Status.Denied); Assert.AreEqual(r.Message, "Submission title can not contain Unicode or unprintable characters"); }
public void PreventUserFromPostingToAuthorizedOnlySubverses() { var user = TestHelper.SetPrincipal("TestUser09"); var userSubmission = new Domain.Models.UserSubmission() { Subverse = SUBVERSES.AuthorizedOnly, Title = Guid.NewGuid().ToString(), Url = "http://www.digit.com/images/feelsgoodman.jpg" }; var cmd = new CreateSubmissionCommand(userSubmission).SetUserContext(user); var r = cmd.Execute().Result; VoatAssert.IsValid(r, Status.Denied); Assert.AreEqual(r.Message, "You are not authorized to submit links or start discussions in this subverse. Please contact subverse moderators for authorization"); }
public void PreventSubverseBannedUsers() { var user = TestHelper.SetPrincipal("BannedFromVUnit"); var userSubmission = new Domain.Models.UserSubmission() { Subverse = SUBVERSES.Unit, Title = Guid.NewGuid().ToString(), Url = "http://www.SuperAwesomeDomainName.com/images/feelsgoodman.jpg" }; var cmd = new CreateSubmissionCommand(userSubmission).SetUserContext(user); var r = cmd.Execute().Result; VoatAssert.IsValid(r, Status.Denied); Assert.AreEqual(r.Message, $"User is banned from v/{userSubmission.Subverse}"); }
public void PreventGlobalBannedUsers() { var user = TestHelper.SetPrincipal("BannedGlobally"); var userSubmission = new Domain.Models.UserSubmission() { Subverse = SUBVERSES.Unit, Title = Guid.NewGuid().ToString(), Url = "http://www.SendhelpImStuckInUnitTests.com/images/feelsgoodman.jpg" }; var cmd = new CreateSubmissionCommand(userSubmission).SetUserContext(user); var r = cmd.Execute().Result; VoatAssert.IsValid(r, Status.Denied); Assert.AreEqual(r.Message, "User is globally banned"); }
public void PreventPostingToDisabledSub() { TestHelper.SetPrincipal("TestUser6"); var userSubmission = new Domain.Models.UserSubmission() { Subverse = "disabled", Title = "I am not paying attention", Content = "Why was this sub disabled?" }; var cmd = new CreateSubmissionCommand(userSubmission); var r = cmd.Execute().Result; Assert.IsNotNull(r, "Response was null"); Assert.IsFalse(r.Success, r.Message); Assert.AreEqual(r.Message, "Subverse is disabled"); }
public void PreventUserFromPostingCompromisedTitle1() { TestHelper.SetPrincipal("TestUser1"); var userSubmission = new Domain.Models.UserSubmission() { Subverse = "whatever", Title = "\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000", Content = "cookies" }; var cmd = new CreateSubmissionCommand(userSubmission); var r = cmd.Execute().Result; Assert.IsNotNull(r, "Response was null"); Assert.IsFalse(r.Success, r.Message); Assert.AreEqual(r.Message, "Submission title can not contain Unicode or unprintable characters"); }
public void PreventUserFromPostingToAuthorizedOnlySubverses() { TestHelper.SetPrincipal("TestUser9"); var userSubmission = new Domain.Models.UserSubmission() { Subverse = "AuthorizedOnly", Title = Guid.NewGuid().ToString(), Url = "http://www.digit.com/images/feelsgoodman.jpg" }; var cmd = new CreateSubmissionCommand(userSubmission); var r = cmd.Execute().Result; Assert.IsNotNull(r, "Response was null"); Assert.IsFalse(r.Success, r.Message); Assert.AreEqual(r.Message, "You are not authorized to submit links or start discussions in this subverse. Please contact subverse moderators for authorization"); }
public void PreventSubverseBannedUsers() { TestHelper.SetPrincipal("BannedFromVUnit"); var userSubmission = new Domain.Models.UserSubmission() { Subverse = "unit", Title = Guid.NewGuid().ToString(), Url = "http://www.SuperAwesomeDomainName.com/images/feelsgoodman.jpg" }; var cmd = new CreateSubmissionCommand(userSubmission); var r = cmd.Execute().Result; Assert.IsNotNull(r, "Response was null"); Assert.IsFalse(r.Success, r.Message); Assert.AreEqual(r.Message, $"User is banned from v/{userSubmission.Subverse}"); }
public void PreventGlobalBannedUsers() { TestHelper.SetPrincipal("BannedGlobally"); var userSubmission = new Domain.Models.UserSubmission() { Subverse = "unit", Title = Guid.NewGuid().ToString(), Url = "http://www.SendhelpImStuckInUnitTests.com/images/feelsgoodman.jpg" }; var cmd = new CreateSubmissionCommand(userSubmission); var r = cmd.Execute().Result; Assert.IsNotNull(r, "Response was null"); Assert.IsFalse(r.Success, r.Message); Assert.AreEqual(r.Message, "User is globally banned"); }
public void CreateSubmission() { var userName = "******"; var user = TestHelper.SetPrincipal(userName); var s = new Domain.Models.UserSubmission() { Subverse = SUBVERSES.Whatever, Title = "This is a title", Url = "http://www.yahoo.com" }; var cmd = new CreateSubmissionCommand(s).SetUserContext(user); var r = cmd.Execute().Result; VoatAssert.IsValid(r); Assert.IsNotNull(r.Response, "Expecting a non null response"); Assert.AreNotEqual(0, r.Response.ID); Assert.AreEqual(userName, r.Response.UserName); Assert.AreEqual(s.Subverse, r.Response.Subverse); Assert.AreEqual(s.Title, r.Response.Title); }
public void TestNegativeSCPSubmission() { var userName = "******"; //Create user VoatDataInitializer.CreateUser(userName, DateTime.UtcNow.AddDays(-450)); //Add submission with negatives directly to db using (var context = new voatEntities()) { var s = context.Submissions.Add(new Submission() { CreationDate = DateTime.UtcNow.AddHours(-12), Subverse = "unit", Title = "Test Negative SCP", Url = "https://www.youtube.com/watch?v=pnbJEg9r1o8", Type = 2, UpCount = 2, DownCount = 13, UserName = userName }); context.SaveChanges(); } TestHelper.SetPrincipal(userName); var userSubmission = new Domain.Models.UserSubmission() { Subverse = "unit", Title = "Le Censorship!", Content = "Will this work?" }; var cmd = new CreateSubmissionCommand(userSubmission); var r = cmd.Execute().Result; Assert.IsNotNull(r, "Response was null"); Assert.IsTrue(r.Success, r.Message); }
public async Task <ActionResult> Submit(CreateSubmissionViewModel model) { //set this incase invalid submittal var userData = UserData; model.RequireCaptcha = userData.Information.CommentPoints.Sum < VoatSettings.Instance.MinimumCommentPointsForCaptchaSubmission && VoatSettings.Instance.CaptchaEnabled; // abort if model state is invalid if (!ModelState.IsValid) { PreventSpamAttribute.Reset(this.HttpContext); return(View(model)); } //Check Captcha if (model.RequireCaptcha) { var captchaSuccess = await ReCaptchaUtility.Validate(Request); if (!captchaSuccess) { ModelState.AddModelError(string.Empty, "Incorrect recaptcha answer"); return(View(model)); } } //new pipeline var userSubmission = new Domain.Models.UserSubmission(); userSubmission.IsAdult = model.IsAdult; userSubmission.IsAnonymized = model.IsAnonymized; userSubmission.Subverse = model.Subverse.TrimSafe(); userSubmission.Title = model.Title.StripWhiteSpace(); userSubmission.Content = (model.Type == Domain.Models.SubmissionType.Text ? model.Content.TrimSafe() : null); userSubmission.Url = (model.Type == Domain.Models.SubmissionType.Link ? model.Url.TrimSafe() : null); var q = new CreateSubmissionCommand(userSubmission).SetUserContext(User); var result = await q.Execute(); if (result.Success) { // redirect to comments section of newly posted submission return(RedirectToRoute( "SubverseCommentsWithSort_Short", new { submissionID = result.Response.ID, subverseName = result.Response.Subverse, sort = (string)null } )); } else { //Help formatting issues with unicode. if (model.Title.ContainsUnicode()) { model.Title = model.Title.StripUnicode(); ModelState.AddModelError(String.Empty, "Voat has strip searched your title and removed it's unicode. Please verify you approve of what you see."); } else { ModelState.AddModelError(string.Empty, result.DebugMessage()); } PreventSpamAttribute.Reset(HttpContext); return(View(model)); } }