public void FindsUsersByEmailAddress() { var user = new User { Username = "******", HashedPassword = "******", EmailAddress = "*****@*****.**", PasswordHashAlgorithm = "PBKDF2" }; var service = new TestableUserService(); service.MockUserRepository .Setup(r => r.GetAll()) .Returns(new[] { user }.AsQueryable()); service.MockCrypto .Setup(c => c.ValidateSaltedHash(It.IsAny <string>(), It.IsAny <string>(), It.IsAny <string>())) .Returns(true); var foundByEmailAddress = service.FindByUsernameOrEmailAddressAndPassword("*****@*****.**", "thePassword"); Assert.NotNull(foundByEmailAddress); Assert.Same(user, foundByEmailAddress); }
public void WillSaveTheNewUserAsConfirmedWhenConfigured() { var userService = new TestableUserService(); userService.MockConfig .Setup(x => x.ConfirmEmailAddresses) .Returns(false); userService.MockCrypto .Setup(x => x.GenerateSaltedHash(It.IsAny <string>(), It.IsAny <string>())) .Returns("theHashedPassword"); userService.Create( "theUsername", "thePassword", "theEmailAddress"); userService.MockUserRepository .Verify(x => x.InsertOnCommit( It.Is <User>( u => u.Username == "theUsername" && u.HashedPassword == "theHashedPassword" && u.Confirmed))); userService.MockUserRepository .Verify(x => x.CommitChanges()); }
public void ResetsPasswordAndPasswordTokenAndPasswordTokenDate() { var user = new User { Username = "******", EmailAddress = "*****@*****.**", PasswordResetToken = "some-token", PasswordResetTokenExpirationDate = DateTime.UtcNow.AddDays(1), PasswordHashAlgorithm = "PBKDF2" }; var userService = new TestableUserService(); userService.MockCrypto .Setup(c => c.GenerateSaltedHash("new-password", Constants.PBKDF2HashAlgorithmId)) .Returns("bacon-hash-and-eggs"); userService.MockUserRepository .Setup(r => r.GetAll()) .Returns(new[] { user }.AsQueryable()); bool result = userService.ResetPasswordWithToken("user", "some-token", "new-password"); Assert.True(result); Assert.Equal("bacon-hash-and-eggs", user.HashedPassword); Assert.Null(user.PasswordResetToken); Assert.Null(user.PasswordResetTokenExpirationDate); userService.MockUserRepository.Verify(u => u.CommitChanges()); }
public void FindsUsersUpdatesPasswordIfUsingLegacyHashAlgorithm() { var user = new User { Username = "******", HashedPassword = "******", EmailAddress = "*****@*****.**", PasswordHashAlgorithm = "SHA1" }; var service = new TestableUserService(); service.MockUserRepository .Setup(r => r.GetAll()) .Returns(new[] { user }.AsQueryable()); service.MockUserRepository .Setup(r => r.CommitChanges()) .Verifiable(); service.MockCrypto .Setup(c => c.ValidateSaltedHash("theHashedPassword", "thePassword", "SHA1")) .Returns(true); service.MockCrypto .Setup(c => c.GenerateSaltedHash("thePassword", "PBKDF2")) .Returns("theBetterHashedPassword"); service.FindByUsernameOrEmailAddressAndPassword("*****@*****.**", "thePassword"); Assert.Equal("PBKDF2", user.PasswordHashAlgorithm); Assert.Equal("theBetterHashedPassword", user.HashedPassword); service.MockUserRepository.Verify(r => r.CommitChanges(), Times.Once()); }
private Task <bool> InvokeTransformUserToOrganization(int affectedRecords, User admin = null) { // Arrange var service = new TestableUserService(); var account = new User("Account"); admin = admin ?? new User("Admin") { Credentials = new Credential[] { new CredentialBuilder().CreateExternalCredential( issuer: "AzureActiveDirectory", value: "abc123", identity: "Admin", tenantId: "zyx987") } }; service.MockDatabase .Setup(db => db.ExecuteSqlResourceAsync(It.IsAny <string>(), It.IsAny <object[]>())) .Returns(Task.FromResult(affectedRecords)); service.MockSecurityPolicyService .Setup(sp => sp.SubscribeAsync(It.IsAny <User>(), It.IsAny <IUserSecurityPolicySubscription>())) .Returns(Task.FromResult(true)); // Act return(service.TransformUserToOrganization(account, admin, "token")); }
public void WhenAdminIsOrganization_ReturnsFalse() { // Arrange var service = new TestableUserService(); var fakes = new Fakes(); var user = fakes.User; var organization = fakes.Organization; var passwordConfigMock = new Mock <ILoginDiscontinuationConfiguration>(); passwordConfigMock .Setup(x => x.AreOrganizationsSupportedForUser(user)) .Returns(true); service.MockConfigObjectService .Setup(x => x.LoginDiscontinuationConfiguration) .Returns(passwordConfigMock.Object); // Act string errorReason; var result = service.CanTransformUserToOrganization(user, organization, out errorReason); // Assert Assert.False(result); Assert.Equal(errorReason, String.Format(CultureInfo.CurrentCulture, Strings.TransformAccount_AdminAccountIsOrganization, organization.Username)); }
public void ResetsPasswordMigratesPasswordHash() { var user = new User { Username = "******", EmailAddress = "*****@*****.**", HashedPassword = CryptographyService.GenerateSaltedHash("thePassword", "SHA1"), PasswordHashAlgorithm = "SHA1", PasswordResetToken = "some-token", PasswordResetTokenExpirationDate = DateTime.UtcNow.AddDays(1), }; var userService = new TestableUserService(); userService.MockUserRepository .Setup(r => r.GetAll()) .Returns(new[] { user }.AsQueryable()); bool result = userService.ResetPasswordWithToken("user", "some-token", "new-password"); Assert.True(result); Assert.Equal("PBKDF2", user.PasswordHashAlgorithm); Assert.True(VerifyPasswordHash(user, "new-password")); Assert.Null(user.PasswordResetToken); Assert.Null(user.PasswordResetTokenExpirationDate); userService.MockUserRepository .Verify(u => u.CommitChanges()); }
public async Task WhenAdminUserIsNull_ThrowsNullRefException() { var service = new TestableUserService(); await ContractAssert.ThrowsArgNullAsync( async() => await service.RequestTransformToOrganizationAccount(accountToTransform: new User("account"), adminUser: null), "adminUser"); }
public async Task WithTokenThatDoesNotMatchUserReturnsFalse() { var user = new User { Username = "******", EmailConfirmationToken = "token" }; var service = new TestableUserService(); var confirmed = await service.ConfirmEmailAddress(user, "not-token"); Assert.False(confirmed); }
public void ReturnsFalseIfUserIsNotFound() { var service = new TestableUserService(); service.MockUserRepository .Setup(r => r.GetAll()).Returns(Enumerable.Empty<User>().AsQueryable()); var changed = service.ChangePassword("username", "oldpwd", "newpwd"); Assert.False(changed); }
public async Task WhenNoMatch_ThrowsEntityException() { // Arrange var service = new TestableUserService(); // Act & Assert await Assert.ThrowsAsync <EntityException>(async() => { await service.DeleteMemberAsync(new Organization(), "member"); }); }
public void DoesNotChangeConfirmationTokenButUserHasPendingEmailChange() { var user = new User { EmailAddress = "*****@*****.**", EmailConfirmationToken = "pending-token" }; var service = new TestableUserService(); service.UpdateProfile(user, "*****@*****.**", emailAllowed: true); Assert.Equal("pending-token", user.EmailConfirmationToken); }
public async Task WhenOrganizationIsNull_ThrowsException() { // Arrange var service = new TestableUserService(); // Act & Assert await Assert.ThrowsAsync <ArgumentNullException>(async() => { await service.UpdateMemberAsync(null, "member", false); }); }
public TheAddMemberAsyncMethod() { Fakes = new Fakes(); UserService = new TestableUserService(); UserService.MockUserRepository.Setup(r => r.GetAll()) .Returns(new[] { Fakes.User, Fakes.Organization }.AsQueryable()); }
public void ReturnsFalseIfUserIsNotFound() { var service = new TestableUserService(); service.MockUserRepository .Setup(r => r.GetAll()).Returns(Enumerable.Empty <User>().AsQueryable()); var changed = service.ChangePassword("username", "oldpwd", "newpwd"); Assert.False(changed); }
public void DoesNotSetConfirmationTokenWhenEmailAddressNotChanged() { var user = new User { EmailAddress = "*****@*****.**" }; var service = new TestableUserService(); service.UpdateProfile(user, "*****@*****.**", emailAllowed: true); Assert.Null(user.EmailConfirmationToken); }
public void WithTokenThatDoesNotMatchUserReturnsFalse() { var user = new User { Username = "******", EmailConfirmationToken = "token" }; var service = new TestableUserService(); var confirmed = service.ConfirmEmailAddress(user, "not-token"); Assert.False(confirmed); }
public void SetsAnApiKey() { var userService = new TestableUserService(); var user = userService.Create( "theUsername", "thePassword", "theEmailAddress"); Assert.NotEqual(Guid.Empty, user.ApiKey); }
public void SetsAConfirmationToken() { var userService = new TestableUserService(); var user = userService.Create( "theUsername", "thePassword", "theEmailAddress"); Assert.NotEmpty(user.EmailConfirmationToken); Assert.False(user.Confirmed); }
public void ReturnsFalseIfUserNotFound() { var userService = new TestableUserService(); userService.MockUserRepository .Setup(r => r.GetAll()) .Returns(Enumerable.Empty <User>().AsQueryable()); bool result = userService.ResetPasswordWithToken("user", "some-token", "new-password"); Assert.False(result); }
public async Task WhenCollaborator_DeletesMembership() { // Arrange var fakes = new Fakes(); var service = new TestableUserService(); // Act await service.DeleteMemberAsync(fakes.Organization, fakes.OrganizationCollaborator.Username); // Assert service.MockEntitiesContext.Verify(c => c.SaveChangesAsync(), Times.Once); }
public void WillHashThePassword() { var userService = new TestableUserService(); var user = userService.Create( "theUsername", "thePassword", "theEmailAddress"); Assert.Equal("PBKDF2", user.PasswordHashAlgorithm); Assert.True(VerifyPasswordHash(user, "thePassword")); }
public void FindsUsersByUserName() { var user = CreateAUser("theUsername", "thePassword", "*****@*****.**"); var service = new TestableUserService(); service.MockUserRepository .Setup(r => r.GetAll()) .Returns(new[] { user }.AsQueryable()); var foundByUserName = service.FindByUsernameAndPassword("theUsername", "thePassword"); Assert.NotNull(foundByUserName); Assert.Same(user, foundByUserName); }
public async Task WhenMemberNotFound_ThrowsEntityException() { // Arrange var fakes = new Fakes(); var service = new TestableUserService(); // Act & Assert await Assert.ThrowsAsync <EntityException>(async() => { await service.UpdateMemberAsync(fakes.Organization, fakes.User.Username, false); }); service.MockEntitiesContext.Verify(c => c.SaveChangesAsync(), Times.Never); }
public void SetsCreatedDate() { var userService = new TestableUserService(); var user = userService.Create( "theUsername", "thePassword", "theEmailAddress"); Assert.NotNull(user.CreatedUtc); // Allow for up to 5 secs of time to have elapsed between Create call and now. Should be plenty Assert.True((DateTime.UtcNow - user.CreatedUtc) < TimeSpan.FromSeconds(5)); }
public async Task SavesEmailSettings() { var user = new User { EmailAddress = "*****@*****.**", EmailAllowed = true, NotifyPackagePushed = true }; var service = new TestableUserService(); service.MockUserRepository .Setup(r => r.GetAll()) .Returns(new[] { user }.AsQueryable()); // Disable notifications await service.ChangeEmailSubscriptionAsync(user, false, false); Assert.Equal(false, user.EmailAllowed); Assert.Equal(false, user.NotifyPackagePushed); // Enable contact notifications await service.ChangeEmailSubscriptionAsync(user, true, false); Assert.Equal(true, user.EmailAllowed); Assert.Equal(false, user.NotifyPackagePushed); // Disable notifications await service.ChangeEmailSubscriptionAsync(user, false, false); Assert.Equal(false, user.EmailAllowed); Assert.Equal(false, user.NotifyPackagePushed); // Enable package pushed notifications await service.ChangeEmailSubscriptionAsync(user, false, true); Assert.Equal(false, user.EmailAllowed); Assert.Equal(true, user.NotifyPackagePushed); // Disable notifications await service.ChangeEmailSubscriptionAsync(user, false, false); Assert.Equal(false, user.EmailAllowed); Assert.Equal(false, user.NotifyPackagePushed); // Enable all notifications await service.ChangeEmailSubscriptionAsync(user, true, true); Assert.Equal(true, user.EmailAllowed); Assert.Equal(true, user.NotifyPackagePushed); service.MockUserRepository .Verify(r => r.CommitChangesAsync()); }
public void WhenAccountHasMemberships_ReturnsFalse() { // Arrange var service = new TestableUserService(); var fakes = new Fakes(); // Act string errorReason; var result = service.CanTransformUserToOrganization(fakes.OrganizationCollaborator, out errorReason); // Assert Assert.False(result); Assert.Equal(errorReason, String.Format(CultureInfo.CurrentCulture, Strings.TransformAccount_AccountHasMemberships, fakes.OrganizationCollaborator.Username)); }
public void DoesNotSetConfirmationTokenWhenEmailAddressNotChanged() { var user = new User { EmailAddress = "*****@*****.**" }; var service = new TestableUserService(); service.MockCrypto .Setup(c => c.GenerateToken()) .Returns("token"); service.UpdateProfile(user, "*****@*****.**", emailAllowed: true); Assert.Null(user.EmailConfirmationToken); }
public void WillHashThePassword() { var userService = new TestableUserService(); userService.MockCrypto .Setup(x => x.GenerateSaltedHash("thePassword", It.IsAny <string>())) .Returns("theHashedPassword"); var user = userService.Create( "theUsername", "thePassword", "theEmailAddress"); Assert.Equal("theHashedPassword", user.HashedPassword); }
public void ReturnsFalseIfPasswordDoesNotMatchUser() { var service = new TestableUserService(); service.MockUserRepository .Setup(r => r.GetAll()).Returns(new[] { new User { Username = "******", HashedPassword = "******" } }.AsQueryable()); service.MockCrypto .Setup(s => s.ValidateSaltedHash(It.IsAny<string>(), It.IsAny<string>(), Constants.Sha512HashAlgorithmId)).Returns(false); var changed = service.ChangePassword("user", "oldpwd", "newpwd"); Assert.False(changed); }
public void WhenAccountIsInWhitelist_ReturnsTrue() { // Arrange var service = new TestableUserService(); service.MockConfig.SetupGet(c => c.OrganizationsEnabledForDomains).Returns(new[] { "example.com" }); var fakes = new Fakes(); // Act string errorReason; var result = service.CanTransformUserToOrganization(fakes.User, out errorReason); // Assert Assert.True(result); }
public void UpdatesTheHashedPassword() { var hash = CryptographyService.GenerateSaltedHash("oldpwd", "PBKDF2"); var user = new User { Username = "******", HashedPassword = hash, PasswordHashAlgorithm = "PBKDF2" }; var service = new TestableUserService(); service.MockUserRepository .Setup(r => r.GetAll()).Returns(new[] { user }.AsQueryable()); var changed = service.ChangePassword("user", "oldpwd", "newpwd"); Assert.True(VerifyPasswordHash(user, "newpwd")); }
public void SetsTheUserToConfirmedWhenEmailConfirmationIsNotEnabled() { var userService = new TestableUserService(); userService.MockConfig .Setup(x => x.ConfirmEmailAddresses) .Returns(false); var user = userService.Create( "theUsername", "thePassword", "theEmailAddress"); Assert.Equal(true, user.Confirmed); }
public void ReturnsTrueWhenSuccessful() { var user = new User { Username = "******", HashedPassword = "******", PasswordHashAlgorithm = "PBKDF2" }; var service = new TestableUserService(); service.MockUserRepository .Setup(r => r.GetAll()).Returns(new[] { user }.AsQueryable()); service.MockCrypto .Setup(s => s.ValidateSaltedHash("old hash", "oldpwd", Constants.PBKDF2HashAlgorithmId)).Returns(true); service.MockCrypto .Setup(s => s.GenerateSaltedHash("newpwd", Constants.PBKDF2HashAlgorithmId)).Returns("hash and bacon"); var changed = service.ChangePassword("user", "oldpwd", "newpwd"); Assert.True(changed); Assert.Equal("hash and bacon", user.HashedPassword); }
public void WithEmptyTokenThrowsArgumentNullException() { var service = new TestableUserService(); Assert.Throws<ArgumentNullException>(() => service.ConfirmEmailAddress(new User(), "")); }
public void SavesEmailAllowedSetting() { var user = new User { EmailAddress = "*****@*****.**", EmailAllowed = true }; var service = new TestableUserService(); service.MockUserRepository .Setup(r => r.GetAll()) .Returns(new[] { user }.AsQueryable()); service.UpdateProfile(user, false); Assert.Equal(false, user.EmailAllowed); service.MockUserRepository .Verify(r => r.CommitChanges()); }
public async Task WithTokenThatDoesMatchUserConfirmsUserAndReturnsTrue() { var user = new User { Username = "******", EmailConfirmationToken = "secret", UnconfirmedEmailAddress = "*****@*****.**" }; var service = new TestableUserService(); var confirmed = await service.ConfirmEmailAddress(user, "secret"); Assert.True(confirmed); Assert.True(user.Confirmed); Assert.Equal("*****@*****.**", user.EmailAddress); Assert.Null(user.UnconfirmedEmailAddress); Assert.Null(user.EmailConfirmationToken); }
public async Task WithEmptyTokenThrowsArgumentNullException() { var service = new TestableUserService(); await AssertEx.Throws<ArgumentNullException>(() => service.ConfirmEmailAddress(new User(), "")); }
public void WillSaveTheNewUserAsConfirmedWhenConfigured() { var userService = new TestableUserService(); userService.MockConfig .Setup(x => x.ConfirmEmailAddresses) .Returns(false); userService.Create( "theUsername", "thePassword", "theEmailAddress"); userService.MockUserRepository .Verify(x => x.InsertOnCommit( It.Is<User>( u => u.Username == "theUsername" && u.Confirmed))); userService.MockUserRepository .Verify(x => x.CommitChanges()); }
public async Task WithNullUserThrowsArgumentNullException() { var service = new TestableUserService(); await AssertEx.Throws<ArgumentNullException>(() => service.ConfirmEmailAddress(null, "token")); }
public void ThrowsExceptionIfUserNotConfirmed() { var user = new User { Username = "******", PasswordResetToken = "some-token", PasswordResetTokenExpirationDate = DateTime.UtcNow.AddDays(1) }; var userService = new TestableUserService(); userService.MockUserRepository .Setup(r => r.GetAll()) .Returns(new[] { user }.AsQueryable()); Assert.Throws<InvalidOperationException>(() => userService.ResetPasswordWithToken("user", "some-token", "new-password")); }
public void FindsUsersByEmailAddress() { var user = new User { Username = "******", HashedPassword = CryptographyService.GenerateSaltedHash("thePassword", Constants.PBKDF2HashAlgorithmId), EmailAddress = "*****@*****.**", PasswordHashAlgorithm = "PBKDF2" }; var service = new TestableUserService(); service.MockUserRepository .Setup(r => r.GetAll()) .Returns(new[] { user }.AsQueryable()); var foundByEmailAddress = service.FindByUsernameOrEmailAddressAndPassword("*****@*****.**", "thePassword"); Assert.NotNull(foundByEmailAddress); Assert.Same(user, foundByEmailAddress); }
public void FindsUsersUpdatesPasswordIfUsingLegacyHashAlgorithm() { var user = new User { Username = "******", HashedPassword = CryptographyService.GenerateSaltedHash("thePassword", "SHA1"), PasswordHashAlgorithm = "SHA1", EmailAddress = "*****@*****.**", }; var service = new TestableUserService(); service.MockUserRepository .Setup(r => r.GetAll()) .Returns(new[] { user }.AsQueryable()); service.MockUserRepository .Setup(r => r.CommitChanges()) .Verifiable(); service.FindByUsernameOrEmailAddressAndPassword("*****@*****.**", "thePassword"); Assert.Equal("PBKDF2", user.PasswordHashAlgorithm); Assert.True(VerifyPasswordHash(user, "thePassword")); service.MockUserRepository.Verify(r => r.CommitChanges(), Times.Once()); }
public void ReturnsFalseIfPasswordDoesNotMatchUser_PBKDF2() { var user = new User { Username = "******", HashedPassword = CryptographyService.GenerateSaltedHash("oldpwd", "PBKDF2"), PasswordHashAlgorithm = "PBKDF2", }; var service = new TestableUserService(); service.MockUserRepository .Setup(r => r.GetAll()).Returns(new[] { user}.AsQueryable()); var changed = service.ChangePassword("user", "not_the_password", "newpwd"); Assert.False(changed); }
public async Task WritesAuditRecord() { var user = new User { Username = "******", EmailConfirmationToken = "secret", EmailAddress = "*****@*****.**", UnconfirmedEmailAddress = "*****@*****.**" }; var service = new TestableUserService(); var confirmed = await service.ConfirmEmailAddress(user, "secret"); Assert.True(service.Auditing.WroteRecord<UserAuditRecord>(ar => ar.Action == AuditedUserAction.ConfirmEmail && ar.AffectedEmailAddress == "*****@*****.**")); }
public void WithNullUserThrowsArgumentNullException() { var service = new TestableUserService(); Assert.Throws<ArgumentNullException>(() => service.ConfirmEmailAddress(null, "token")); }
public void SetsUnconfirmedEmailWhenEmailIsChanged() { var user = new User { EmailAddress = "*****@*****.**", EmailAllowed = true, EmailConfirmationToken = null }; var service = new TestableUserService(); service.MockUserRepository .Setup(r => r.GetAll()) .Returns(new[] { user }.AsQueryable()); service.UpdateProfile(user, "*****@*****.**", true); Assert.Equal("*****@*****.**", user.EmailAddress); Assert.Equal("*****@*****.**", user.UnconfirmedEmailAddress); service.MockUserRepository .Verify(r => r.CommitChanges()); }
public async Task SavesEmailSettings() { var user = new User { EmailAddress = "*****@*****.**", EmailAllowed = true, NotifyPackagePushed = true}; var service = new TestableUserService(); service.MockUserRepository .Setup(r => r.GetAll()) .Returns(new[] { user }.AsQueryable()); // Disable notifications await service.ChangeEmailSubscriptionAsync(user, false, false); Assert.Equal(false, user.EmailAllowed); Assert.Equal(false, user.NotifyPackagePushed); // Enable contact notifications await service.ChangeEmailSubscriptionAsync(user, true, false); Assert.Equal(true, user.EmailAllowed); Assert.Equal(false, user.NotifyPackagePushed); // Disable notifications await service.ChangeEmailSubscriptionAsync(user, false, false); Assert.Equal(false, user.EmailAllowed); Assert.Equal(false, user.NotifyPackagePushed); // Enable package pushed notifications await service.ChangeEmailSubscriptionAsync(user, false, true); Assert.Equal(false, user.EmailAllowed); Assert.Equal(true, user.NotifyPackagePushed); // Disable notifications await service.ChangeEmailSubscriptionAsync(user, false, false); Assert.Equal(false, user.EmailAllowed); Assert.Equal(false, user.NotifyPackagePushed); // Enable all notifications await service.ChangeEmailSubscriptionAsync(user, true, true); Assert.Equal(true, user.EmailAllowed); Assert.Equal(true, user.NotifyPackagePushed); service.MockUserRepository .Verify(r => r.CommitChangesAsync()); }
public async Task ThrowsArgumentExceptionForNullUser() { var service = new TestableUserService(); await ContractAssert.ThrowsArgNullAsync(async () => await service.ChangeEmailSubscriptionAsync(null, emailAllowed: true, notifyPackagePushed: true), "user"); }
public void WillSaveTheNewUser() { var userService = new TestableUserService(); userService.Create( "theUsername", "thePassword", "theEmailAddress"); userService.MockUserRepository .Verify(x => x.InsertOnCommit( It.Is<User>( u => u.Username == "theUsername" && u.UnconfirmedEmailAddress == "theEmailAddress"))); userService.MockUserRepository .Verify(x => x.CommitChanges()); }
public void ReturnsFalseIfUserNotFound() { var userService = new TestableUserService(); userService.MockUserRepository .Setup(r => r.GetAll()) .Returns(Enumerable.Empty<User>().AsQueryable()); bool result = userService.ResetPasswordWithToken("user", "some-token", "new-password"); Assert.False(result); }
public void ThrowsArgumentExceptionForNullUser() { var service = new TestableUserService(); ContractAssert.ThrowsArgNull(() => service.UpdateProfile(null, emailAllowed: true), "user"); }