/// <summary>
/// Self-service change with a wrong current password: the controller must ask the
/// user store to verify the old password, then neither write a new password nor commit.
/// </summary>
public void changePassword_post_currentUser_should_not_allow_change_pass_if_oldPassword_is_not_valid()
{
    // Arrange: every old-password verification fails.
    UsersManagement.CheckUserPassword(Arg.Any<string>(), Arg.Any<string>()).Returns(false);

    const string oldPassword = "******";
    var form = new UserChangePasswordViewModel
    {
        LoginName = CurrentUserLogin,
        OldPassword = oldPassword,
        NewPassword = "******",
        ConfirmPassword = "******"
    };
    InitTestUsers(RoleType.Appraiser);

    // Act
    Target.ChangePassword(form, ButtonTypes.Save);

    // Assert: the check ran against the current login, and no state was changed.
    UsersManagement.Received().CheckUserPassword(CurrentUserLogin, oldPassword);
    UsersManagement.DidNotReceiveWithAnyArgs().ChangePassword(Arg.Any<string>(), Arg.Any<int>(), Arg.Any<string>());
    Target.CommitProviderInstance.DidNotReceiveWithAnyArgs().Commit();
}
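/// <summary>
/// Handles the change-password form. On <see cref="ButtonTypes.Save"/> it validates the
/// new password and its confirmation, asks the access manager whether the caller may
/// change the password of <c>model.LoginName</c>, requires the current password when the
/// caller is changing their own account, and then stores the new password and commits.
/// </summary>
/// <param name="model">Posted form values; <c>LoginName</c> is client-supplied and names the target account.</param>
/// <param name="pressedButtonType">Button that submitted the form; only Save changes anything.</param>
/// <returns>
/// The change-password partial view (with password fields cleared) when the request is
/// rejected, otherwise <c>Constants.Json.Default</c>.
/// </returns>
public ActionResult ChangePassword(UserChangePasswordViewModel model, ButtonTypes pressedButtonType)
{
    // NOTE(review): no [HttpPost] / anti-forgery attributes are visible in this listing;
    // confirm the action is protected against cross-site request forgery.
    if (pressedButtonType != ButtonTypes.Save)
    {
        return Constants.Json.Default;
    }

    if (string.IsNullOrEmpty(model.LoginName))
    {
        ModelState.AddModelError("incorrectUserPassword", "You have no permissions to change password.");
        return PartialView(Constants.Views.UserChangePassword, model.ClearPasswords());
    }

    // Null-safe ordinal comparison: the original called Equals on NewPassword and threw
    // when the field was missing. An empty new password is rejected outright.
    if (!ModelState.IsValidField("NewPassword")
        || !ModelState.IsValidField("ConfirmPassword")
        || string.IsNullOrEmpty(model.NewPassword)
        || !string.Equals(model.NewPassword, model.ConfirmPassword, StringComparison.Ordinal))
    {
        return PartialView(Constants.Views.UserChangePassword, model.ClearPasswords());
    }

    // Authorization gate: LoginName comes from the request, so this check is what stops
    // a caller from naming an account they are not allowed to manage.
    if (!_appraiserAccessManager.CanChangePasswordForUser(model.LoginName))
    {
        ModelState.AddModelError("incorrectUserPassword", "You have no permissions to change password.");
        return PartialView(Constants.Views.UserChangePassword, model.ClearPasswords());
    }

    // Decide once whether this is a self-service change. The original compared with
    // OrdinalIgnoreCase here and with culture-sensitive ToLower() further down, so the
    // old-password requirement and the notification decision could disagree.
    bool isSelfChange = model.LoginName.Equals(User.Identity.Name, StringComparison.OrdinalIgnoreCase);

    if (isSelfChange)
    {
        // NOTE(review): nothing here records a failed attempt when the current password
        // is wrong; confirm CheckUserPassword throttles or counts failures.
        if (!_userManagement.CheckUserPassword(model.LoginName, model.OldPassword))
        {
            ModelState.AddModelError("OldPassword", "Incorrect old password");
        }
    }
    else
    {
        // An administrator changing another account does not know its old password, so
        // validation errors on that field are dropped. The entry may be absent when the
        // field was not posted, hence the null check.
        var oldPasswordState = ModelState["OldPassword"];
        if (oldPasswordState != null)
        {
            oldPasswordState.Errors.Clear();
        }
    }

    if (!ModelState.IsValid)
    {
        return PartialView(Constants.Views.UserChangePassword, model.ClearPasswords());
    }

    var user = _userManagement.GetByEmail(model.LoginName);
    if (user == null)
    {
        // Same generic message as the authorization failure, so the response does not
        // reveal whether the login exists.
        ModelState.AddModelError("incorrectUserPassword", "You have no permissions to change password.");
        return PartialView(Constants.Views.UserChangePassword, model.ClearPasswords());
    }

    _userManagement.ChangePassword(model.LoginName, user.Id, model.NewPassword);
    _userManagement.ClearFailedAttempt(model.LoginName);

    if (!isSelfChange)
    {
        // NOTE(review): the plaintext new password is handed to the task scheduler.
        // Presumably it is delivered to the account owner; confirm it is not persisted
        // or logged in clear, and consider a reset link or forced change at next login.
        _taskManager.ScheduleChangePasswordNotification(model.LoginName, model.NewPassword);
    }

    CommitProviderInstance.Commit();
    return Constants.Json.Default;
}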
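/// <summary>
/// A new password whose confirmation does not match must be rejected before the old
/// password is verified: no verification call, no password write, no commit.
/// </summary>
public void changePassword_post_should_not_allow_change_pass_if_newpass_is_not_confirmed()
{
    // Arrange: old-password verification would succeed, so only the confirmation
    // mismatch can stop the request.
    UsersManagement.CheckUserPassword(Arg.Any<string>(), Arg.Any<string>()).Returns(true);

    // Constructed sample values. The listing shows the same masked placeholder for both
    // fields, which would let the request pass the confirmation check and leave this
    // test dependent on unrelated mock defaults. The two values must differ.
    var viewModel = new UserChangePasswordViewModel()
    {
        LoginName = CurrentUserLogin,
        OldPassword = "******",
        NewPassword = "constructed-new-password",
        ConfirmPassword = "constructed-mismatching-confirmation"
    };

    // Act
    Target.ChangePassword(viewModel, ButtonTypes.Save);

    // Assert: the controller bailed out before touching the user store.
    UsersManagement.DidNotReceiveWithAnyArgs().CheckUserPassword(Arg.Any<string>(), Arg.Any<string>());
    UsersManagement.DidNotReceiveWithAnyArgs().ChangePassword(Arg.Any<string>(), Arg.Any<int>(), Arg.Any<string>());
    Target.CommitProviderInstance.DidNotReceiveWithAnyArgs().Commit();
}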
/// <summary>
/// A caller with the CompanyAdminAndAppraiser role must not be able to change the
/// password of a DVS account, whether the target is a DvsSuperAdmin or a DvsAdmin.
/// </summary>
public void changePassword_post_AppraisalCompanyAdminAndAppraiser_cannot_change_pass_for_DvsUsers()
{
    var userId = 33;
    var form = new UserChangePasswordViewModel
    {
        LoginName = "*****@*****.**",
        OldPassword = "******",
        NewPassword = "******",
        ConfirmPassword = "******"
    };
    InitTestUsers(RoleType.CompanyAdminAndAppraiser);

    // Same scenario for each privileged target role. The negative assertions are
    // cumulative, so the second pass also covers the first call.
    foreach (var targetRole in new[] { RoleType.DvsSuperAdmin, RoleType.DvsAdmin })
    {
        UsersManagement.GetByEmail(form.LoginName).Returns(
            new User { Roles = new[] { new Role { Id = (int)targetRole } }, Id = userId });

        Target.ChangePassword(form, ButtonTypes.Save);

        // The *WithAnyArgs form ignores the argument values passed here.
        UsersManagement.DidNotReceiveWithAnyArgs().ChangePassword(form.LoginName, userId, form.NewPassword);
        Target.CommitProviderInstance.DidNotReceiveWithAnyArgs().Commit();
    }
}
/// <summary>
/// A plain Appraiser must not be able to change another account's password, whatever
/// role the target account holds. Every <see cref="RoleType"/> value is tried.
/// </summary>
public void changePassword_post_Appraiser_cannt_change_pass_for_other_user()
{
    var form = new UserChangePasswordViewModel
    {
        LoginName = "*****@*****.**",
        OldPassword = "******",
        NewPassword = "******",
        ConfirmPassword = "******"
    };

    foreach (RoleType targetRole in Enum.GetValues(typeof(RoleType)))
    {
        // Arrange: the caller is an Appraiser, the target holds the role under test.
        InitTestUsers(RoleType.Appraiser);
        var targetUser = new User { Roles = new[] { new Role { Id = (int)targetRole } } };
        UsersManagement.GetByEmail(form.LoginName).Returns(targetUser);

        // Act
        Target.ChangePassword(form, ButtonTypes.Save);

        // Assert: no password write and no commit for any target role.
        UsersManagement.DidNotReceiveWithAnyArgs().ChangePassword(Arg.Any<string>(), Arg.Any<int>(), Arg.Any<string>());
        Target.CommitProviderInstance.DidNotReceiveWithAnyArgs().Commit();
    }
}
/// <summary>
/// Tenant isolation: a company administrator (with or without the appraiser role) must
/// not be able to change the password of an appraiser who belongs to another company.
/// </summary>
public void changePassword_post_AppraisalCompanyAdmin_cannot_change_pass_for_other_company()
{
    var userId = 32;
    var form = new UserChangePasswordViewModel
    {
        LoginName = "*****@*****.**",
        OldPassword = "******",
        NewPassword = "******",
        ConfirmPassword = "******"
    };

    // Arrange: the caller is a company admin, the target an appraiser account.
    InitTestUsers(RoleType.AppraisalCompanyAdmin);
    var targetUser = new User
    {
        Email = form.LoginName,
        Roles = new[] { new Role { Id = (int)RoleType.Appraiser } },
        Id = userId
    };
    UsersManagement.GetByEmail(form.LoginName).Returns(targetUser);

    // Caller and target sit in different companies ("AAA" vs "BBB").
    var callerCompany = new Model.Entities.AppraisalCompany.AppraisalCompanyDetail { CompanyId = "AAA" };
    var targetCompany = new Model.Entities.AppraisalCompany.AppraisalCompanyDetail { CompanyId = "BBB" };
    AppraiserManager.GetByEmail(CurrentUserLogin).Returns(new AppraiserUser { Company = callerCompany });
    AppraiserManager.GetByEmail(form.LoginName).Returns(new AppraiserUser { Company = targetCompany });

    // Act + assert as AppraisalCompanyAdmin.
    Target.ChangePassword(form, ButtonTypes.Save);
    UsersManagement.DidNotReceiveWithAnyArgs().ChangePassword(form.LoginName, userId, form.NewPassword);
    Target.CommitProviderInstance.DidNotReceiveWithAnyArgs().Commit();

    // Repeat as CompanyAdminAndAppraiser. The stubs above are not set up again.
    InitTestUsers(RoleType.CompanyAdminAndAppraiser);
    Target.ChangePassword(form, ButtonTypes.Save);
    UsersManagement.DidNotReceiveWithAnyArgs().ChangePassword(form.LoginName, userId, form.NewPassword);
    Target.CommitProviderInstance.DidNotReceiveWithAnyArgs().Commit();
}
/// <summary>
/// Positive case: a DvsSuperAdmin changing another account's password results in a
/// password write for that account's login and id, followed by a commit.
/// </summary>
public void changePassword_post_SuperDVSAdmin_can_change_pass_for_other_user()
{
    var userId = 12;
    var form = new UserChangePasswordViewModel
    {
        LoginName = "*****@*****.**",
        OldPassword = "******",
        NewPassword = "******",
        ConfirmPassword = "******"
    };

    // Arrange: the caller is a super admin; the target lookup yields the id to expect.
    InitTestUsers(RoleType.DvsSuperAdmin);
    var targetUser = new User
    {
        Roles = new[] { new Role { Id = (int)RoleType.DvsSuperAdmin } },
        Id = userId
    };
    UsersManagement.GetByEmail(form.LoginName).Returns(targetUser);

    // Act
    Target.ChangePassword(form, ButtonTypes.Save);

    // Assert: the write used exactly the posted login, the looked-up id and the new password.
    UsersManagement.Received().ChangePassword(form.LoginName, userId, form.NewPassword);
    Target.CommitProviderInstance.Received().Commit();
}
/// <summary>
/// Positive self-service case: when the current password verifies, the controller
/// checks it against the caller's own login, writes the new password and commits.
/// </summary>
public void changePassword_post_should_allow_change_pass_if_for_current_user()
{
    // Arrange: old-password verification succeeds.
    UsersManagement.CheckUserPassword(Arg.Any<string>(), Arg.Any<string>()).Returns(true);

    var form = new UserChangePasswordViewModel
    {
        LoginName = CurrentUserLogin,
        OldPassword = "******",
        NewPassword = "******",
        ConfirmPassword = "******"
    };
    InitTestUsers(RoleType.Appraiser);

    // Act
    Target.ChangePassword(form, ButtonTypes.Save);

    // Assert: verification happened first, then the write (any user id) and the commit.
    UsersManagement.Received().CheckUserPassword(CurrentUserLogin, form.OldPassword);
    UsersManagement.Received().ChangePassword(CurrentUserLogin, Arg.Any<int>(), form.NewPassword);
    Target.CommitProviderInstance.ReceivedWithAnyArgs().Commit();
}