public void ValidateUser__must_lock_out_users_after_max_attempts_of_wrong_password()
{
// Arrange
IMemberType memberType = MockedContentTypes.CreateSimpleMemberType();
ServiceContext.MemberTypeService.Save(memberType);
var member = MockedMember.CreateSimpleMember(memberType, "test", "*****@*****.**", "password", "test");
ServiceContext.MemberService.Save(member);
var wrongPassword = "******";
var numberOfFailedAttempts = MembersMembershipProvider.MaxInvalidPasswordAttempts + 2;
// Act
var memberBefore = ServiceContext.MemberService.GetById(member.Id);
for (int i = 0; i < numberOfFailedAttempts; i++)
{
MembersMembershipProvider.ValidateUser(member.Username, wrongPassword);
}
var memberAfter = ServiceContext.MemberService.GetById(member.Id);
// Assert
Assert.Multiple(() =>
{
Assert.AreEqual(0, memberBefore.FailedPasswordAttempts, "Expected 0 failed password attempts before");
Assert.IsFalse(memberBefore.IsLockedOut, "Expected the member NOT to be locked out before");
Assert.AreEqual(MembersMembershipProvider.MaxInvalidPasswordAttempts, memberAfter.FailedPasswordAttempts, "Expected exactly the max possible failed password attempts after");
Assert.IsTrue(memberAfter.IsLockedOut, "Expected the member to be locked out after");
});
}
public void Answer_Is_Encrypted()
{
IMember createdMember = null;
var memberType = MockedContentTypes.CreateSimpleMemberType();
foreach (var p in Constants.Conventions.Member.GetStandardPropertyTypeStubs())
{
memberType.AddPropertyType(p.Value);
}
var mServiceMock = new Mock <IMembershipMemberService>();
mServiceMock.Setup(service => service.Exists("test")).Returns(false);
mServiceMock.Setup(service => service.GetByEmail("*****@*****.**")).Returns(() => null);
mServiceMock.Setup(service => service.GetDefaultMemberType()).Returns("Member");
mServiceMock.Setup(
service => service.CreateWithIdentity(It.IsAny <string>(), It.IsAny <string>(), It.IsAny <string>(), It.IsAny <string>()))
.Callback((string u, string e, string p, string m) =>
{
createdMember = new Member("test", e, u, p, memberType);
})
.Returns(() => createdMember);
var provider = new MembersMembershipProvider(mServiceMock.Object);
provider.Initialize("test", new NameValueCollection());
MembershipCreateStatus status;
provider.CreateUser("test", "test", "testtest$1", "*****@*****.**", "test", "test", true, "test", out status);
Assert.AreNotEqual("test", createdMember.RawPasswordAnswerValue);
Assert.AreEqual(provider.EncryptString("test"), createdMember.RawPasswordAnswerValue);
}
public void TestSetup()
{
this.Setup = new NhibernateTestSetupHelper();
this._singleProvider = new ProviderMappingGroup("default", new WildcardUriMatch(new Uri("content://")), this.Setup.ReadonlyProviderSetup, this.Setup.ProviderSetup, this.Setup.FakeFrameworkContext);
this.HiveManager = new HiveManager(this._singleProvider, this._singleProvider.FrameworkContext);
this.AppContext = new FakeRebelApplicationContext(this.HiveManager, false);
this._resolverContext = new MockedMapResolverContext(this.HiveManager.FrameworkContext, this.HiveManager, new MockedPropertyEditorFactory(this.AppContext), new MockedParameterEditorFactory());
//mappers
var cmsModelMapper = new CmsModelMapper(this._resolverContext);
var persistenceToRenderModelMapper = new RenderTypesModelMapper(this._resolverContext);
this.Setup.FakeFrameworkContext.SetTypeMappers(new FakeTypeMapperCollection(new AbstractMappingEngine[] { cmsModelMapper, persistenceToRenderModelMapper }));
var membersMembershipProvider = new MembersMembershipProvider {
AppContext = AppContext
};
MembershipService = new MembershipService <Member, MemberProfile>(AppContext.FrameworkContext, HiveManager,
"security://member-profiles", "security://member-groups", Framework.Security.Model.FixedHiveIds.MemberProfileVirtualRoot,
membersMembershipProvider, Enumerable.Empty <MembershipProviderElement>());
PublicAccessService = new PublicAccessService(HiveManager, MembershipService, AppContext.FrameworkContext);
}
public virtual void SetupMembership()
{
this.memberService = new Mock <IMemberService>();
var memberTypeService = Mock.Of <IMemberTypeService>();
var membershipProvider = new MembersMembershipProvider(memberService.Object, memberTypeService);
this.memberCache = new Mock <IPublishedMemberCache>();
this.MembershipHelper = new Umbraco.Web.Security.MembershipHelper(this.HttpContext.Object, this.memberCache.Object, membershipProvider, Mock.Of <RoleProvider>(), memberService.Object, memberTypeService, Mock.Of <IUserService>(), Mock.Of <IPublicAccessService>(), AppCaches.NoCache, Mock.Of <ILogger>());
}
public virtual void SetupMembership()
{
MemberService = new Mock <IMemberService>();
var memberTypeService = Mock.Of <IMemberTypeService>();
var membershipProvider = new MembersMembershipProvider(MemberService.Object, memberTypeService);
MemberCache = new Mock <IPublishedMemberCache>();
MembershipHelper = new MembershipHelper(HttpContext.Object, MemberCache.Object, membershipProvider, Mock.Of <RoleProvider>(), MemberService.Object, memberTypeService, Mock.Of <IUserService>(), Mock.Of <IPublicAccessService>(), AppCaches.NoCache, Mock.Of <ILogger>());
}
public void Sets_Default_Member_Type_From_Service_On_Init()
{
var mServiceMock = new Mock <IMembershipMemberService>();
var provider = new MembersMembershipProvider(mServiceMock.Object);
mServiceMock.Setup(service => service.GetDefaultMemberType()).Returns("Blah");
provider.Initialize("test", new NameValueCollection());
Assert.AreEqual("Blah", provider.DefaultMemberTypeAlias);
}
public MembershipHelper SetupMembership(IPublishedMemberCache cache = null)
{
var memberService = new Mock <IMemberService>();
var memberTypeService = Mock.Of <IMemberTypeService>();
var membershipProvider = new MembersMembershipProvider(memberService.Object, memberTypeService);
var memberCache = new Mock <IPublishedMemberCache>();
return(new MembershipHelper(HttpContextBase.Object, cache ?? memberCache.Object, membershipProvider, Mock.Of <RoleProvider>(), memberService.Object, memberTypeService, Mock.Of <IUserService>(), Mock.Of <IPublicAccessService>(), AppCaches.NoCache, Mock.Of <ILogger>()));
}
public MemberPasswordPolicy GetPasswordPolicy()
{
MembersMembershipProvider membersMembershipProvider = Membership.Providers["UmbracoMembershipProvider"] as MembersMembershipProvider;
if (membersMembershipProvider == null)
{
return(null);
}
return(new MemberPasswordPolicy(membersMembershipProvider));
}
public override void SetUp()
{
base.SetUp();
MembersMembershipProvider = new MembersMembershipProvider(MemberService, MemberTypeService);
MembersMembershipProvider.Initialize("test", new NameValueCollection {
{ "passwordFormat", MembershipPasswordFormat.Clear.ToString() }
});
DistributedCacheBinder = new DistributedCacheBinder(new DistributedCache(), Mock.Of <IUmbracoContextFactory>(), Logger);
DistributedCacheBinder.BindEvents(true);
}
public void Sets_Default_Member_Type_From_Config_On_Init()
{
var memberTypeServiceMock = new Mock <IMemberTypeService>();
memberTypeServiceMock.Setup(x => x.GetDefault()).Returns("Blah");
var provider = new MembersMembershipProvider(Mock.Of <IMembershipMemberService>(), memberTypeServiceMock.Object);
provider.Initialize("test", new NameValueCollection {
{ "defaultMemberTypeAlias", "Hello" }
});
Assert.AreEqual("Hello", provider.DefaultMemberTypeAlias);
}
public void Create_User_Already_Exists()
{
var mServiceMock = new Mock <IMembershipMemberService>();
mServiceMock.Setup(service => service.Exists("test")).Returns(true);
mServiceMock.Setup(service => service.GetDefaultMemberType()).Returns("Member");
var provider = new MembersMembershipProvider(mServiceMock.Object);
provider.Initialize("test", new NameValueCollection());
MembershipCreateStatus status;
var user = provider.CreateUser("test", "test", "testtest$1", "*****@*****.**", "test", "test", true, "test", out status);
Assert.IsNull(user);
}
public void Create_User_Requires_Unique_Email()
{
var mServiceMock = new Mock <IMembershipMemberService>();
mServiceMock.Setup(service => service.GetByEmail("*****@*****.**")).Returns(() => new Member("test", MockedContentTypes.CreateSimpleMemberType()));
mServiceMock.Setup(service => service.GetDefaultMemberType()).Returns("Member");
var provider = new MembersMembershipProvider(mServiceMock.Object);
provider.Initialize("test", new NameValueCollection {
{ "requiresUniqueEmail", "true" }
});
MembershipCreateStatus status;
var user = provider.CreateUser("test", "test", "testtest$1", "*****@*****.**", "test", "test", true, "test", out status);
Assert.IsNull(user);
}
public void Password_Hashed_With_Salt()
{
IMember createdMember = null;
var memberType = MockedContentTypes.CreateSimpleMemberType();
foreach (var p in ConventionsHelper.GetStandardPropertyTypeStubs())
{
memberType.AddPropertyType(p.Value);
}
var memberTypeServiceMock = new Mock <IMemberTypeService>();
memberTypeServiceMock.Setup(x => x.GetDefault()).Returns("Member");
var membershipServiceMock = new Mock <IMembershipMemberService>();
membershipServiceMock.Setup(service => service.Exists("test")).Returns(false);
membershipServiceMock.Setup(service => service.GetByEmail("*****@*****.**")).Returns(() => null);
membershipServiceMock.Setup(
service => service.CreateWithIdentity(It.IsAny <string>(), It.IsAny <string>(), It.IsAny <string>(), It.IsAny <string>(), It.IsAny <bool>()))
.Callback((string u, string e, string p, string m, bool isApproved) =>
{
createdMember = new Member("test", e, u, p, memberType, isApproved);
})
.Returns(() => createdMember);
var provider = new MembersMembershipProvider(membershipServiceMock.Object, memberTypeServiceMock.Object);
provider.Initialize("test", new NameValueCollection {
{ "passwordFormat", "Hashed" }, { "hashAlgorithmType", "HMACSHA256" }
});
MembershipCreateStatus status;
provider.CreateUser("test", "test", "testtest$1", "*****@*****.**", "test", "test", true, "test", out status);
Assert.AreNotEqual("test", createdMember.RawPasswordValue);
string salt;
var storedPassword = provider.StoredPassword(createdMember.RawPasswordValue, out salt);
var hashedPassword = provider.EncryptOrHashPassword("testtest$1", salt);
Assert.AreEqual(hashedPassword, storedPassword);
}
public void Setup()
{
_nhibernateTestSetup = new NhibernateTestSetupHelper();
var storageProvider = new IoHiveTestSetupHelper(_nhibernateTestSetup.FakeFrameworkContext);
Hive = new HiveManager(
new[]
{
new ProviderMappingGroup(
"test",
new WildcardUriMatch("content://"),
_nhibernateTestSetup.ReadonlyProviderSetup,
_nhibernateTestSetup.ProviderSetup,
_nhibernateTestSetup.FakeFrameworkContext),
storageProvider.CreateGroup("uploader", "storage://file-uploader"),
},
_nhibernateTestSetup.FakeFrameworkContext);
var appContext = new FakeRebelApplicationContext(Hive, false);
var resolverContext = new MockedMapResolverContext(_nhibernateTestSetup.FakeFrameworkContext, Hive, new MockedPropertyEditorFactory(appContext), new MockedParameterEditorFactory());
var webmModelMapper = new CmsModelMapper(resolverContext);
var renderModelMapper = new RenderTypesModelMapper(resolverContext);
_nhibernateTestSetup.FakeFrameworkContext.SetTypeMappers(new FakeTypeMapperCollection(new AbstractMappingEngine[] { webmModelMapper, renderModelMapper, new FrameworkModelMapper(_nhibernateTestSetup.FakeFrameworkContext) }));
var membersMembershipProvider = new MembersMembershipProvider {
AppContext = appContext
};
membersMembershipProvider.Initialize("MembersMembershipProvider", new NameValueCollection());
MembershipService = new MembershipService <Member, MemberProfile>(appContext.FrameworkContext, Hive,
"security://member-profiles", "security://member-groups", Framework.Security.Model.FixedHiveIds.MemberProfileVirtualRoot,
membersMembershipProvider, Enumerable.Empty <MembershipProviderElement>());
PublicAccessService = new PublicAccessService(Hive, MembershipService, appContext.FrameworkContext);
var serializer = new ServiceStackSerialiser();
SerializationService = new SerializationService(serializer);
}
public void BeforeTest()
{
_nhibernateTestSetup = new NhibernateTestSetupHelper(useNhProf: true);
var storageProvider = new IoHiveTestSetupHelper(_nhibernateTestSetup.FakeFrameworkContext);
Hive =
new HiveManager(
new[]
{
new ProviderMappingGroup(
"test1",
new WildcardUriMatch("content://"),
_nhibernateTestSetup.ReadonlyProviderSetup,
_nhibernateTestSetup.ProviderSetup,
_nhibernateTestSetup.FakeFrameworkContext),
new ProviderMappingGroup(
"test2",
new WildcardUriMatch("security://members"),
_nhibernateTestSetup.ReadonlyProviderSetup,
_nhibernateTestSetup.ProviderSetup,
_nhibernateTestSetup.FakeFrameworkContext),
storageProvider.CreateGroup("uploader", "storage://")
},
_nhibernateTestSetup.FakeFrameworkContext);
var appContext = new FakeRebelApplicationContext(Hive, true);
AttributeTypeRegistry.SetCurrent(new CmsAttributeTypeRegistry());
var task = new EnsureCoreDataTask(Hive.FrameworkContext,
Hive,
Enumerable.Empty <Lazy <Permission, PermissionMetadata> >(),
null);
task.InstallOrUpgrade();
Provider = new MembersMembershipProvider(Hive, appContext);
Provider.Initialize("MembersMembershipProvider", new NameValueCollection());
}
public void Basic_ControllerTest()
{
var username = "******";
var accessor = new Mock <IUmbracoContextAccessor>();
var member = new Mock <IMember>();
member.Setup(x => x.Username).Returns(username);
var memberService = new Mock <IMemberService>();
memberService.Setup(x => x.GetByUsername(username)).Returns(member.Object);
var memberCache = new Mock <IPublishedMemberCache>();
memberCache.Setup(x => x.GetByMember(member.Object)).Returns(Mock.Of <IPublishedContent>());
var memberTypeService = Mock.Of <IMemberTypeService>();
var membershipProvider = new MembersMembershipProvider(memberService.Object, memberTypeService);
var membershipHelper = new MembershipHelper(
_umbracoMockDependancyFactory.HttpContextBase.Object,
memberCache.Object,
membershipProvider,
Mock.Of <RoleProvider>(),
memberService.Object,
Mock.Of <IMemberTypeService>(),
Mock.Of <IUserService>(), Mock.Of <IPublicAccessService>(), AppCaches.NoCache, Mock.Of <Umbraco.Core.Logging.ILogger>());
_factory.Setup(x => x.GetInstance(typeof(MembershipHelper))).Returns(membershipHelper);
var action = new MemberController().Action(c => c.Index()).Authenticate(username, new string[0]);
var result = action.GetAuthorizationResult();
result.Should().BeNull();
}
private void RunTest(
HiveManager hiveManager,
FakeFrameworkContext frameworkContext,
Action installCallback = null)
{
var attributeTypeRegistry = new CmsAttributeTypeRegistry();
AttributeTypeRegistry.SetCurrent(attributeTypeRegistry);
var appContext = new FakeRebelApplicationContext(hiveManager, false);
var mockedPropertyEditorFactory = new MockedPropertyEditorFactory(appContext);
var resolverContext = new MockedMapResolverContext(frameworkContext, hiveManager, mockedPropertyEditorFactory, new MockedParameterEditorFactory());
var webmModelMapper = new CmsModelMapper(resolverContext);
frameworkContext.SetTypeMappers(new FakeTypeMapperCollection(new AbstractMappingEngine[] { webmModelMapper, new FrameworkModelMapper(frameworkContext) }));
var devDataset = DemoDataHelper.GetDemoData(appContext, attributeTypeRegistry);
//Setup permissions
var permissions = new Permission[] { new SavePermission(), new PublishPermission(), new HostnamesPermission(), new CopyPermission(), new MovePermission() }
.Select(x => new Lazy <Permission, PermissionMetadata>(() => x, new PermissionMetadata(new Dictionary <string, object>
{
{ "Id", x.Id },
{ "Name", x.Name },
{ "Type", x.Type },
{ "UserType", x.UserType }
}))).ToArray();
//Setup security service
var usersMembershipProvider = new UsersMembershipProvider {
AppContext = appContext
};
usersMembershipProvider.Initialize("UsersMembershipProvider", new NameValueCollection());
var usersMembershipService = new MembershipService <User, UserProfile>(frameworkContext, hiveManager,
"security://user-profiles", "security://user-groups", Framework.Security.Model.FixedHiveIds.UserProfileVirtualRoot,
usersMembershipProvider, Enumerable.Empty <MembershipProviderElement>());
ResetMembershipProvider(usersMembershipService.MembershipProvider);
var membersMembershipProvider = new MembersMembershipProvider {
AppContext = appContext
};
membersMembershipProvider.Initialize("MembersMembershipProvider", new NameValueCollection());
var membersMembershipService = new MembershipService <Member, MemberProfile>(frameworkContext, hiveManager,
"security://member-profiles", "security://member-groups", Framework.Security.Model.FixedHiveIds.MemberProfileVirtualRoot,
membersMembershipProvider, Enumerable.Empty <MembershipProviderElement>());
ResetMembershipProvider(membersMembershipService.MembershipProvider);
var permissionService = new PermissionsService(hiveManager, permissions, usersMembershipService);
var publicAccessService = new PublicAccessService(hiveManager, membersMembershipService, appContext.FrameworkContext);
var securityService = new SecurityService(usersMembershipService, membersMembershipService, permissionService, publicAccessService);
var coreDataInstallTask = new EnsureCoreDataTask(frameworkContext, hiveManager, permissions, securityService);
//var devDatasetInstallTask = new DevDatasetInstallTask(frameworkContext, mockedPropertyEditorFactory, hiveManager, attributeTypeRegistry);
//Act
coreDataInstallTask.InstallOrUpgrade();
if (installCallback != null)
{
installCallback();
}
//devDatasetInstallTask.InstallOrUpgrade();
//if (installCallback != null) installCallback();
//Assert
var totalSchemaCount = CoreCmsData.RequiredCoreSchemas().Count() + devDataset.DocTypes.Count() + 1; // +1 for SystemRoot schema
var totalEntityCount =
CoreCmsData.RequiredCoreUserGroups(permissions).Count() +
CoreCmsData.RequiredCoreRootNodes().Count() +
devDataset.ContentData.Count();
var totalAttributeTypeCount = CoreCmsData.RequiredCoreSystemAttributeTypes().Count() + CoreCmsData.RequiredCoreUserAttributeTypes().Count();
DoCoreAssertions(hiveManager, totalSchemaCount, totalEntityCount, totalAttributeTypeCount, 2, permissions, securityService);
//CoreCmsData.RequiredCoreUsers().ForEach(
// x =>
// {
// securityService.UsersMembershipService.DeleteUser(x.Username, true);
// securityService.MembersMembershipService.DeleteUser(x.Username, true);
// });
ResetMembershipProvider(securityService.Users.MembershipProvider);
ResetMembershipProvider(securityService.Members.MembershipProvider);
}