public async Task Create_NotebookNotFound_ShouldReturn400()
{
// Arrange
var url = "/api/note";
var notebook = await WolkDbContext.CreateAndSaveNotebook();
var model = new MutateNoteModel
{
Title = Guid.NewGuid().ToString(),
Content = Guid.NewGuid().ToString(),
NotebookId = notebook.Id + 1,
NoteType = NoteType.Markdown
};
var request = new HttpRequestMessage(HttpMethod.Post, url)
{
Content = new StringContent(JsonConvert.SerializeObject(model), Encoding.UTF8, MimeTypes.Json)
};
var token = await GetJwt();
request.AddJwtBearer(token);
// Act
using var response = await HttpClient.SendAsync(request);
// Assert
Assert.AreEqual(HttpStatusCode.BadRequest, response.StatusCode);
}
public async Task Create_HappyFlow()
{
// Arrange
var url = "/api/note";
var notebook = await WolkDbContext.CreateAndSaveNotebook();
var model = new MutateNoteModel
{
Title = Guid.NewGuid().ToString(),
Content = Guid.NewGuid().ToString(),
NotebookId = notebook.Id,
NoteType = NoteType.Markdown
};
var request = new HttpRequestMessage(HttpMethod.Post, url)
{
Content = new StringContent(JsonConvert.SerializeObject(model), Encoding.UTF8, MimeTypes.Json)
};
var token = await GetJwt();
request.AddJwtBearer(token);
// Act
using var response = await HttpClient.SendAsync(request);
// Assert
Assert.AreEqual(HttpStatusCode.Created, response.StatusCode);
var content = await response.Content.ReadAsStringAsync();
var returnedNote = JsonConvert.DeserializeObject <NoteDto>(content);
var note = await WolkDbContext.Notes.SingleAsync();
ShouldBeEqual(note, returnedNote);
}
public async Task Update_HappyFlow()
{
// Arrange
var notebook = await WolkDbContext.CreateAndSaveNotebook();
var url = $"/api/notebook/{notebook.Id}";
var model = new MutateNotebookModel {
Name = Guid.NewGuid().ToString()
};
var request = new HttpRequestMessage(HttpMethod.Put, url)
{
Content = new StringContent(JsonConvert.SerializeObject(model), Encoding.UTF8, MimeTypes.Json)
};
var token = await GetJwt();
request.AddJwtBearer(token);
// Act
using var response = await HttpClient.SendAsync(request);
// Assert
Assert.AreEqual(HttpStatusCode.NoContent, response.StatusCode);
Assert.AreEqual(model.Name, notebook.Name);
}
public async Task TokenAlmostExpired_ShouldCreateAndReturnNewToken()
{
// Arrange
// Set the current date and time to the past for creating an almost expired token.
var past = DateTime.Now.AddMinutes(-59);
SetLocalDateTime(past);
var jwt = await GetJwt();
var request = new HttpRequestMessage(HttpMethod.Get, "/api/notebook");
request.AddJwtBearer(jwt);
var now = DateTime.Now;
SetLocalDateTime(now);
// Act
using var response = await HttpClient.SendAsync(request);
// Assert
response.EnsureSuccessStatusCode();
var newToken = response.Headers.Single(h => h.Key == "Token").Value.Single();
Assert.IsFalse(string.IsNullOrWhiteSpace(newToken));
// Assert that the new token is valid
var newTokenRequest = new HttpRequestMessage(HttpMethod.Get, "/api/notebook");
newTokenRequest.AddJwtBearer(newToken);
using var newTokenResponse = await HttpClient.SendAsync(newTokenRequest);
newTokenResponse.EnsureSuccessStatusCode();
}
public async Task Update_HappyFlow()
{
// Arrange
var notebook1 = await WolkDbContext.CreateAndSaveNotebook();
var notebook2 = await WolkDbContext.CreateAndSaveNotebook();
var note = await WolkDbContext.CreateAndSaveNote(notebook1);
var url = $"/api/note/{note.Id}";
var model = new MutateNoteModel
{
Title = Guid.NewGuid().ToString(),
Content = Guid.NewGuid().ToString(),
NotebookId = notebook2.Id,
NoteType = NoteType.Markdown
};
var request = new HttpRequestMessage(HttpMethod.Put, url)
{
Content = new StringContent(JsonConvert.SerializeObject(model), Encoding.UTF8, MimeTypes.Json)
};
var token = await GetJwt();
request.AddJwtBearer(token);
// Act
using var response = await HttpClient.SendAsync(request);
// Assert
Assert.AreEqual(HttpStatusCode.NoContent, response.StatusCode);
ShouldBeEqual(note, model);
}
public async Task GetAttachmentByAccessToken_HappyFlow()
{
// Arrange
var attachment = await WolkDbContext.CreateAndSaveAttachment();
var accessToken = await WolkDbContext.CreateAndSaveAttachmentAccessToken(attachment);
var token = accessToken.Token;
var url = $"/api/note/1/attachments/{attachment.Id + 1}/accessTokens/{token}";
var request = new HttpRequestMessage(HttpMethod.Get, url);
var jwt = await GetJwt();
request.AddJwtBearer(jwt);
var path = Path.Combine(UploadsRootPath, attachment.InternalFilename);
var uploadedFile = new byte[] { 3, 4, 1, 6, 12 };
EnsureFileExists(path, uploadedFile);
// Act
using var response = await HttpClient.SendAsync(request);
// Assert
Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);
var content = await response.Content.ReadAsByteArrayAsync();
Assert.IsTrue(uploadedFile.SequenceEqual(content));
}
public async Task CreateAttachment_ValidationError_ShouldReturn400()
{
// Arrange
var note = await WolkDbContext.CreateAndSaveNote();
var contents = new byte[] { 1, 2, 3, 4 };
var model = new MutateAttachmentModel
{
Filename = new string('a', 301), Base64Contents = Convert.ToBase64String(contents)
};
var url = $"/api/note/{note.Id}/attachments";
var request = new HttpRequestMessage(HttpMethod.Post, url)
{
Content = new StringContent(JsonConvert.SerializeObject(model), Encoding.UTF8, MimeTypes.Json)
};
var token = await GetJwt();
request.AddJwtBearer(token);
// Act
using var response = await HttpClient.SendAsync(request);
// Assert
Assert.AreEqual(HttpStatusCode.BadRequest, response.StatusCode);
}
public async Task GetAll_HappyFlow()
{
// Arrange
var notebook1 = await WolkDbContext.CreateAndSaveNotebook();
var notebook2 = await WolkDbContext.CreateAndSaveNotebook();
var url = "/api/notebook";
var request = new HttpRequestMessage(HttpMethod.Get, url);
var token = await GetJwt();
request.AddJwtBearer(token);
// Act
using var response = await HttpClient.SendAsync(request);
// Assert
Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);
var content = await response.Content.ReadAsStringAsync();
var notebooks = JsonConvert.DeserializeObject <NotebookDto[]>(content);
ShouldBeEqual(notebook1, notebooks[0]);
ShouldBeEqual(notebook2, notebooks[1]);
}
public async Task GetAllAttachments_HappyFlow()
{
// Arrange
var note1 = await WolkDbContext.CreateAndSaveNote();
var note2 = await WolkDbContext.CreateAndSaveNote();
var file1 = await WolkDbContext.CreateAndSaveAttachment(note1);
var file2 = await WolkDbContext.CreateAndSaveAttachment(note2);
var file3 = await WolkDbContext.CreateAndSaveAttachment(note1);
var url = $"/api/note/{note1.Id}/attachments";
var request = new HttpRequestMessage(HttpMethod.Get, url);
var token = await GetJwt();
request.AddJwtBearer(token);
// Act
using var response = await HttpClient.SendAsync(request);
// Assert
Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);
var content = await response.Content.ReadAsStringAsync();
var attachments = JsonConvert.DeserializeObject <AttachmentDto[]>(content);
Assert.AreEqual(2, attachments.Length);
ShouldBeEqual(file1, attachments[0]);
ShouldBeEqual(file3, attachments[1]);
}
public async Task CheckUnauthorized(string url, string method)
{
// Arrange
var request = new HttpRequestMessage(new HttpMethod(method), url);
var token = await GetJwt();
request.AddJwtBearer(token + "a");
// Act
using var response = await HttpClient.SendAsync(request);
// Assert
Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode);
}
public async Task Authenticate_CredentialsCorrect()
{
// Arrange
var url = "/api/user/authenticate";
var user = await WolkDbContext.CreateAndSaveUser();
var model = new SignInModel {
Email = user.Email, Password = "******"
};
var request = new HttpRequestMessage(HttpMethod.Post, url)
{
Content = new StringContent(JsonConvert.SerializeObject(model), Encoding.UTF8, MimeTypes.Json)
};
// Act
using var response = await HttpClient.SendAsync(request);
// Assert
Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);
var content = await response.Content.ReadAsStringAsync();
var viewModel = JsonConvert.DeserializeObject <SignedInViewModel>(content);
Assert.AreEqual(user.Id, viewModel.Id);
Assert.AreEqual(user.Email, viewModel.Email);
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
var result = new JwtSecurityTokenHandler().ValidateToken(viewModel.Token,
new TokenValidationParameters
{
IssuerSigningKey =
new SymmetricSecurityKey(Encoding.UTF8.GetBytes(IdentityConfiguration.JwtSecret)),
ValidateAudience = false,
ValidateIssuer = false
}, out var validatedToken);
Assert.AreEqual(user.Id.ToString(), result.Claims.Single(c => c.Type == "sub").Value);
// Act: do a call to get all notebooks with correct user token
url = "/api/notebook";
request = new HttpRequestMessage(HttpMethod.Get, url);
request.AddJwtBearer(viewModel.Token);
using var notebookResponse = await HttpClient.SendAsync(request);
// Assert
Assert.IsTrue(notebookResponse.IsSuccessStatusCode);
}
public async Task Delete_NoteNotFound_ShouldReturn404()
{
// Arrange
var note = await WolkDbContext.CreateAndSaveNote();
var url = $"/api/note/{note.Id + 1}";
var request = new HttpRequestMessage(HttpMethod.Delete, url);
var token = await GetJwt();
request.AddJwtBearer(token);
// Act
using var response = await HttpClient.SendAsync(request);
// Assert
Assert.AreEqual(HttpStatusCode.NotFound, response.StatusCode);
}
public async Task Delete_HappyFlow()
{
// Arrange
var note = await WolkDbContext.CreateAndSaveNote();
var url = $"/api/note/{note.Id}";
var request = new HttpRequestMessage(HttpMethod.Delete, url);
var token = await GetJwt();
request.AddJwtBearer(token);
// Act
using var response = await HttpClient.SendAsync(request);
// Assert
Assert.AreEqual(HttpStatusCode.NoContent, response.StatusCode);
Assert.IsFalse(await WolkDbContext.Notes.AnyAsync());
}
public async Task UploadBackup_ThenDownloadBackup_ShouldWorkCorrectly()
{
// Arrange
var url = "/api/backup";
var zipPath = Path.Combine(AssemblyHelper.GetExecutingAssemblyRootPath(), "Files", "wolk-backup.zip");
var zipBytes = File.ReadAllBytes(zipPath);
var model = new UploadBackupModel {
ZipBytes = zipBytes
};
var request = new HttpRequestMessage(HttpMethod.Post, url)
{
Content = new StringContent(JsonConvert.SerializeObject(model), Encoding.UTF8, MimeTypes.Json)
};
var token = await GetJwt();
request.AddJwtBearer(token);
// Upload
using var response = await HttpClient.SendAsync(request);
// Assert upload
Assert.AreEqual(HttpStatusCode.NoContent, response.StatusCode);
// Download
request = new HttpRequestMessage(HttpMethod.Get, url)
{
Content = new StringContent(JsonConvert.SerializeObject(model), Encoding.UTF8, MimeTypes.Json)
};
token = await GetJwt(await WolkDbContext.Users.SingleAsync());
request.AddJwtBearer(token);
using var downloadResponse = await HttpClient.SendAsync(request);
// Assert download
Assert.AreEqual(HttpStatusCode.OK, downloadResponse.StatusCode);
var content = await downloadResponse.Content.ReadAsByteArrayAsync();
Assert.AreEqual(238268, content.Length);
}
public async Task GetAttachmentByAccessToken_AttachmentNotFound_ShouldReturn404()
{
// Arrange
var attachment = await WolkDbContext.CreateAndSaveAttachment();
var accessToken = await WolkDbContext.CreateAndSaveAttachmentAccessToken(attachment);
var token = accessToken.Token + "1";
var url = $"/api/note/1/attachments/{attachment.Id + 1}/accessTokens/{token}";
var request = new HttpRequestMessage(HttpMethod.Get, url);
var jwt = await GetJwt();
request.AddJwtBearer(jwt);
// Act
using var response = await HttpClient.SendAsync(request);
// Assert
Assert.AreEqual(HttpStatusCode.NotFound, response.StatusCode);
}
public async Task Update_ValidationError_ShouldReturn400()
{
// Arrange
var url = "/api/notebook/1";
var model = new MutateNotebookModel {
Name = new string('a', 201)
};
var request = new HttpRequestMessage(HttpMethod.Put, url)
{
Content = new StringContent(JsonConvert.SerializeObject(model), Encoding.UTF8, MimeTypes.Json)
};
var token = await GetJwt();
request.AddJwtBearer(token);
// Act
using var response = await HttpClient.SendAsync(request);
// Assert
Assert.AreEqual(HttpStatusCode.BadRequest, response.StatusCode);
}
public async Task Authenticate_CredentialsCorrect_UserIsDeleted_ShouldReturn401()
{
// Arrange
var url = "/api/user/authenticate";
var user = await WolkDbContext.CreateAndSaveUser();
var model = new SignInModel {
Email = user.Email, Password = "******"
};
var request = new HttpRequestMessage(HttpMethod.Post, url)
{
Content = new StringContent(JsonConvert.SerializeObject(model), Encoding.UTF8, MimeTypes.Json)
};
// Act
using var response = await HttpClient.SendAsync(request);
// Assert
Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);
var content = await response.Content.ReadAsStringAsync();
var viewModel = JsonConvert.DeserializeObject <SignedInViewModel>(content);
// Act: delete user
WolkDbContext.Users.Remove(user);
await WolkDbContext.SaveChangesAsync();
// Act: do a call to get all notebooks with "deleted" user token
url = "/api/notebook";
request = new HttpRequestMessage(HttpMethod.Get, url);
request.AddJwtBearer(viewModel.Token);
using var notebookResponse = await HttpClient.SendAsync(request);
// Assert
Assert.AreEqual(HttpStatusCode.Unauthorized, notebookResponse.StatusCode);
}
public async Task CreateAttachmentAccessToken_HappyFlow()
{
// Arrange
var attachment = await WolkDbContext.CreateAndSaveAttachment();
var model = new MutateAttachmentAccessTokenModel
{
ExpirationDateTime = new DateTimeOffset(2019, 12, 31, 23, 0, 0, TimeSpan.FromHours(2))
};
var url = $"/api/note/{attachment.NoteId}/attachments/{attachment.Id}/accessTokens";
var request = new HttpRequestMessage(HttpMethod.Post, url)
{
Content = new StringContent(JsonConvert.SerializeObject(model), Encoding.UTF8, MimeTypes.Json)
};
var token = await GetJwt();
request.AddJwtBearer(token);
// Act
using var response = await HttpClient.SendAsync(request);
// Assert
Assert.AreEqual(HttpStatusCode.Created, response.StatusCode);
var content = await response.Content.ReadAsStringAsync();
var returnedToken = JsonConvert.DeserializeObject <AccessTokenResultDto>(content);
Assert.AreEqual(model.ExpirationDateTime, returnedToken.ExpirationDateTime);
Assert.IsTrue(Guid.TryParse(returnedToken.Token, out var _));
var addedToken = await WolkDbContext.AccessTokens.SingleAsync();
Assert.AreEqual(returnedToken.Token, addedToken.Token);
Assert.AreEqual(returnedToken.ExpirationDateTime, addedToken.ExpirationDateTime);
}
public async Task CreateAttachment_HappyFlow()
{
// Arrange
var note = await WolkDbContext.CreateAndSaveNote();
var contents = new byte[] { 1, 2, 3, 4 };
var model = new MutateAttachmentModel
{
Filename = "file.txt", Base64Contents = Convert.ToBase64String(contents)
};
var url = $"/api/note/{note.Id}/attachments";
var request = new HttpRequestMessage(HttpMethod.Post, url)
{
Content = new StringContent(JsonConvert.SerializeObject(model), Encoding.UTF8, MimeTypes.Json)
};
var token = await GetJwt();
request.AddJwtBearer(token);
// Act
using var response = await HttpClient.SendAsync(request);
// Assert
Assert.AreEqual(HttpStatusCode.Created, response.StatusCode);
var content = await response.Content.ReadAsStringAsync();
var returnedAttachment = JsonConvert.DeserializeObject <AttachmentDto>(content);
var attachment = await WolkDbContext.Attachments.SingleAsync();
ShouldBeEqual(attachment, returnedAttachment);
Assert.AreEqual(1, MockFileService.Files.Count);
}
public async Task Delete_HappyFlow()
{
// Arrange
var attachment = await WolkDbContext.CreateAndSaveAttachment();
var url = $"/api/note/1/attachments/{attachment.Id}";
var request = new HttpRequestMessage(HttpMethod.Delete, url);
var token = await GetJwt();
request.AddJwtBearer(token);
var expectedPath = Path.Combine(UploadsRootPath, attachment.InternalFilename);
EnsureFileExists(expectedPath);
// Act
using var response = await HttpClient.SendAsync(request);
// Assert
Assert.AreEqual(HttpStatusCode.NoContent, response.StatusCode);
Assert.IsFalse(await WolkDbContext.Attachments.AnyAsync());
Assert.AreEqual(0, MockFileService.Files.Count);
}
public async Task TokenNotAlmostExpired_ShouldNotCreateAndReturnNewToken()
{
// Arrange
// Set the current date and time to the past for creating an almost expired token.
var past = DateTime.Now.AddMinutes(-30);
SetLocalDateTime(past);
var jwt = await GetJwt();
var request = new HttpRequestMessage(HttpMethod.Get, "/api/notebook");
request.AddJwtBearer(jwt);
var now = DateTime.Now;
SetLocalDateTime(now);
// Act
using var response = await HttpClient.SendAsync(request);
// Assert
response.EnsureSuccessStatusCode();
Assert.IsFalse(response.Headers.Any(h => h.Key == "Token"));
}
public async Task UploadBackup_ShouldRestoreEntitiesCorrectly()
{
// Arrange
for (var i = 0; i < 10; i++)
{
await WolkDbContext.CreateAndSaveNote();
}
var url = "/api/backup";
var zipPath = Path.Combine(AssemblyHelper.GetExecutingAssemblyRootPath(), "Files", "wolk-backup.zip");
var zipBytes = File.ReadAllBytes(zipPath);
var model = new UploadBackupModel {
ZipBytes = zipBytes
};
var request = new HttpRequestMessage(HttpMethod.Post, url)
{
Content = new StringContent(JsonConvert.SerializeObject(model), Encoding.UTF8, MimeTypes.Json)
};
var token = await GetJwt();
request.AddJwtBearer(token);
// Act
using var response = await HttpClient.SendAsync(request);
// Assert
Assert.AreEqual(HttpStatusCode.NoContent, response.StatusCode);
// Assert access tokens
var accessToken = await WolkDbContext.AccessTokens.SingleAsync();
Assert.AreEqual("1b7d6a57-a464-47c3-9ec7-e5a30403d8c7", accessToken.Token);
Assert.AreEqual("1", accessToken.Identifier);
// Assert attachments
var attachment = await WolkDbContext.Attachments.SingleAsync();
Assert.AreEqual("b2e6ba68-4597-4404-a078-bee38e4085c8", attachment.InternalFilename);
Assert.AreEqual(235567, attachment.FileSize);
Assert.AreEqual("id.png", attachment.Filename);
Assert.AreEqual(1, attachment.NoteId);
// Assert notebooks
var notebooks = await WolkDbContext.Notebooks.ToArrayAsync();
Assert.AreEqual(2, notebooks.Length);
Assert.IsTrue(notebooks.All(n => n.Name == "Test notebook 1" || n.Name == "Test notebook 2"));
// Assert notes
var notes = await WolkDbContext.Notes.ToArrayAsync();
Assert.AreEqual(4, notes.Length);
Assert.IsTrue(notes.All(n =>
n.Title == "Markdown test" ||
n.Title == "Plain text test" ||
n.Title == "Sticky notes test" ||
n.Title == "Todo.txt test"));
// Assert users
var user = await WolkDbContext.Users.SingleAsync();
Assert.AreEqual("*****@*****.**", user.Email);
}
