public void IsSystemAccount_Email_Failure()
{
Assert.IsFalse(SystemAccountHelper.IsSystemAccount("*****@*****.**"));
Assert.IsFalse(SystemAccountHelper.IsSystemAccount("*****@*****.**"));
Assert.IsFalse(SystemAccountHelper.IsSystemAccount("*****@*****.**"));
Assert.IsFalse(SystemAccountHelper.IsSystemAccount("*****@*****.**"));
}
public async Task UpdatePassword(string contextUserEmail, UserUpdatePasswordDto dto, long userId)
{
await ThrowIfNotInRole(contextUserEmail, UserRoleEnum.Viewer);
if (dto == null)
{
throw new ArgumentNullException(nameof(UserUpdatePasswordDto));
}
if (dto.OldPassword.Equals(dto.NewPassword))
{
throw new BadRequestException("Please provide a different password.");
}
var hashedPassword = _hashProvider.Hash(dto.OldPassword);
var entity =
await
_context.Users.FirstOrDefaultAsync(
u => u.Id == userId && u.Password.Equals(hashedPassword) && !SystemAccountHelper.IsSystemAccount(u.Id));
if (entity == null)
{
throw new EntityNotFoundException(userId);
}
if (!entity.Email.Equals(contextUserEmail))
{
throw new UnauthorizeException();
}
entity.Password = _hashProvider.Hash(dto.NewPassword);
await _context.SaveChangesAsync();
}
public void IsSystemAccount_ID_Failure()
{
//Simply test that a few IDs that would be IDENTITY values in the database's User.Id column
//are NOT system accounts.
for (int counter = 1; counter < 10; counter++)
{
Assert.IsFalse(SystemAccountHelper.IsSystemAccount(counter));
}
}
public void IsSystemAccount_Email_Success()
{
var systemAccounts = SystemAccountHelper.SystemAccounts;
foreach (var systemAccount in systemAccounts)
{
var isSystemAccount = SystemAccountHelper.IsSystemAccount(systemAccount.Email);
Assert.IsTrue(isSystemAccount);
}
}
public async Task <IActionResult> Get()
{
try
{
var data = await _userService.Where(x => !SystemAccountHelper.IsSystemAccount(x.Id));
return(Ok(data));
}
catch (Exception e)
{
return(Exception(e));
}
}
public async Task <IActionResult> Get(long id)
{
try
{
var data = await _userService.Find(x => x.Id == id && !SystemAccountHelper.IsSystemAccount(x.Id));
return(Ok(data));
}
catch (Exception e)
{
return(Exception(e));
}
}
public async Task Delete(string contextUserEmail, long userId)
{
await ThrowIfNotInRole(contextUserEmail, UserRoleEnum.Admin);
var entity =
await _context.Users.FirstOrDefaultAsync(u => u.Id == userId && !SystemAccountHelper.IsSystemAccount(u.Id));
if (entity == null)
{
throw new EntityNotFoundException(userId);
}
_context.Users.Remove(entity);
await _context.SaveChangesAsync();
}
protected override void PopulateData()
{
var seeded = _databaseContext.Users.Any(x => SystemAccountHelper.IsSystemAccount(x.Id));
if (seeded)
{
Console.WriteLine("System accounts have already been seeded. Use the -f command line option, if your intent was to repopulate the system accounts.");
return;
}
foreach (var userAccount in SystemAccountHelper.SystemAccounts)
{
var query = $@"SET IDENTITY_INSERT {userTableName} ON
INSERT INTO {userTableName}
(Id, DisplayName, Role, Password, Email)
VALUES({userAccount.Id}, '{userAccount.DisplayName}',
{(int)userAccount.Role}, '{userAccount.Password}', '{userAccount.Email}')
SET IDENTITY_INSERT {userTableName} OFF" ;
_databaseContext.Database.ExecuteSqlCommand(query);
}
}
public async Task Update(string contextUserEmail, UserUpdateDto dto, long userId)
{
await ThrowIfNotInRole(contextUserEmail, UserRoleEnum.Admin);
if (dto == null)
{
throw new ArgumentNullException(nameof(UserUpdateDto));
}
var entity =
await _context.Users.FirstOrDefaultAsync(u => u.Id == userId && !SystemAccountHelper.IsSystemAccount(u.Id));
if (entity == null)
{
throw new EntityNotFoundException(userId);
}
entity.DisplayName = dto.DisplayName;
entity.Role = dto.Role;
await _context.SaveChangesAsync();
}
public async Task ThrowIfNotInRole(string email, UserRoleEnum role)
{
if (SystemAccountHelper.IsSystemAccount(email))
{
return;
}
var entity = await _context.Users.FirstOrDefaultAsync(u => u.Email.Equals(email));
if (entity == null)
{
throw new EntityNotFoundException();
}
if (role == UserRoleEnum.Viewer)
{
if (entity.Role == UserRoleEnum.Viewer || entity.Role == UserRoleEnum.Editor ||
entity.Role == UserRoleEnum.Admin)
{
return;
}
}
if (role == UserRoleEnum.Editor)
{
if (entity.Role == UserRoleEnum.Editor || entity.Role == UserRoleEnum.Admin)
{
return;
}
}
if (role == UserRoleEnum.Admin && entity.Role == UserRoleEnum.Admin)
{
return;
}
throw new UnauthorizeException();
}