public void Userods_CheckUserAndPassoword_UpdateFailedAttemptsFromOtherMethods() { //First, setup the test scenario. long group1 = UserGroupT.CreateUserGroup("usergroup1"); Userod myUser = UserodT.CreateUser(MethodBase.GetCurrentMethod().Name + DateTime.Now.Ticks, "reallystrongpassword", userGroupNumbers: new List <long>() { group1 }); Security.CurUser = myUser; Security.PasswordTyped = "passwordguess#1"; CredentialsFailedAfterLoginEvent.Fired += CredentialsFailedAfterLoginEvent_Fired1; RunTestsAgainstMiddleTier(new OpenDentBusiness.WebServices.OpenDentalServerMockIIS(user: myUser.UserName, password: myUser.Password)); //try once with the wrong password. Failed attempt should get incremented to 1. ODException.SwallowAnyException(() => { Userods.CheckUserAndPassword(myUser.UserName, "passwordguess#1", false); }); //Get our updated user from the DB. RunTestsAgainstDirectConnection(); myUser = Userods.GetUserByNameNoCache(myUser.UserName); //Assert that we only have 1 failed attempt. Assert.AreEqual(1, myUser.FailedAttempts); //now wait for another method to get called RunTestsAgainstMiddleTier(new OpenDentBusiness.WebServices.OpenDentalServerMockIIS(user: myUser.UserName, password: myUser.Password)); ODException.SwallowAnyException(() => { Computers.UpdateHeartBeat(Environment.MachineName, false); }); RunTestsAgainstDirectConnection(); //Get our updated user from the DB. myUser = Userods.GetUserByNameNoCache(myUser.UserName); //Assert that we only have 1 failed attempt. Assert.AreEqual(1, myUser.FailedAttempts); }
public void Userods_CheckUserAndPassword_LockoutAfterUserHasLoggedInButPasswordIsNotCorrectAfter5Attempts() { //First, setup the test scenario. long group1 = UserGroupT.CreateUserGroup("usergroup1"); bool isAccountLocked = false; Userod myUser = UserodT.CreateUser(MethodBase.GetCurrentMethod().Name + DateTime.Now.Ticks, "reallystrongpassword", userGroupNumbers: new List <long>() { group1 }); //Make 5 bad password attempts for (int i = 1; i < 6; i++) { ODException.SwallowAnyException(() => { Userods.CheckUserAndPassword(myUser.UserName, "passwordguess#" + i, false); }); } try { //the 6th bad attempt should kick us with a message saying that our account has been locked. Userods.CheckUserAndPassword(myUser.UserName, "passwordguess#6", false); } catch (Exception e) { if (e.Message.Contains("Account has been locked due to failed log in attempts")) { isAccountLocked = true; } } //Get our updated user from the DB. myUser = Userods.GetUserByNameNoCache(myUser.UserName); //Assert that we got to 5 failed attempts and that the account has been locked. Assert.AreEqual(5, myUser.FailedAttempts); Assert.AreEqual(true, isAccountLocked); }
public void Userods_CheckUserAndPassoword_UpdateFailedAttemptsTo5() { //First, setup the test scenario. long group1 = UserGroupT.CreateUserGroup("usergroup1"); Userod myUser = UserodT.CreateUser(MethodBase.GetCurrentMethod().Name + DateTime.Now.Ticks, "reallystrongpassword", userGroupNumbers: new List <long>() { group1 }); CredentialsFailedAfterLoginEvent.Fired += CredentialsFailedAfterLoginEvent_Fired1; Security.CurUser = myUser; Security.PasswordTyped = "passwordguess#1"; RunTestsAgainstMiddleTier(); //try with 5 incorrect passwords. Failed attempt should get incremented to 5. for (int i = 1; i < 6; i++) { ODException.SwallowAnyException(() => { try { Userods.CheckUserAndPassword(myUser.UserName, "passwordguess#" + i, false); } catch (Exception e) { } }); } //Get our updated user from the DB. RunTestsAgainstDirectConnection(); myUser = Userods.GetUserByNameNoCache(myUser.UserName); //Assert that there are 5 failed attempts. Assert.AreEqual(5, myUser.FailedAttempts); }
public void Userods_CheckUserAndPassword_IncreaseFailedAttemptsAfterUserHasLoggedInButPasswordIsNotCorrect() { //First, setup the test scenario. //This test is intended to be tested on middle tier. long group1 = UserGroupT.CreateUserGroup("usergroup1"); Userod myUser = UserodT.CreateUser(MethodBase.GetCurrentMethod().Name + DateTime.Now.Ticks, "reallystrongpassword", userGroupNumbers: new List <long>() { group1 }); RunTestsAgainstMiddleTier(new OpenDentBusiness.WebServices.OpenDentalServerMockIIS(user: myUser.UserName, password: myUser.Password)); Security.CurUser = myUser; Security.PasswordTyped = "passwordguess#1"; CredentialsFailedAfterLoginEvent.Fired += CredentialsFailedAfterLoginEvent_Fired1; //make a single bad password attempt. ODException.SwallowAnyException(() => { Userods.CheckUserAndPassword(myUser.UserName, "passwordguess#1", false); }); //Get our user from the DB RunTestsAgainstDirectConnection(); myUser = Userods.GetUserByNameNoCache(myUser.UserName); //Asssert that the failed attempt got incremented correctly. Assert.AreEqual(1, myUser.FailedAttempts); }