public void AuthorizationAttribute_Test()
{
var sessionItems = new System.Web.SessionState.SessionStateItemCollection();
var controllerContext = new FakeControllerContext(TestHelper.Resolve<TopicsController>(), "http://localhost", null, null, new System.Collections.Specialized.NameValueCollection(), new System.Collections.Specialized.NameValueCollection(), new System.Web.HttpCookieCollection(), sessionItems);
var context = new AuthorizationContext(controllerContext, new FakeActionDescriptor());
var att = new RequireAuthorizationAttribute(UserRole.Member);
att.Routes.Add(new StrictRoute("login", new MvcRouteHandler())
{
Url = "login",
Defaults = new System.Web.Routing.RouteValueDictionary(new
{
controller = "Authentication",
action = "Login"
})
});
context.Result = null;
att.OnAuthorization(context);
Assert.IsInstanceOfType(context.Result, typeof(RedirectResult));
//Test with user
User user = ServicesTests.GetTestUser();
sessionItems["User"] = new UserState(user, AuthenticationProvider.Facebook);
context.Result = null;
att.OnAuthorization(context);
Assert.IsNull(context.Result);
}
public void User_Ban_Test()
{
var controller = TestHelper.Resolve<UsersController>();
var context = new FakeControllerContext(controller);
var sessionWrapper = new SessionWrapper(context.HttpContext);
sessionWrapper.SetUser(ServicesTests.GetTestUser(), AuthenticationProvider.CustomDb);
controller.ControllerContext = context;
controller.Ban(0, ModeratorReason.Spamming, null);
Assert.IsFalse((bool)controller.ViewData.Model);
}
public void PreventFloodAttribute_Role_Test()
{
//set up context
var controller = TestHelper.Resolve<TopicsController>();
var controllerContext = new FakeControllerContext(controller, "http://localhost");
var executingFilterContext = new ActionExecutingContext(controllerContext, new FakeActionDescriptor(), new Dictionary<string, object>());
var executedfilterContext = new ActionExecutedContext(controllerContext, new FakeActionDescriptor(), false, null);
var httpContext = (FakeHttpContext) controllerContext.HttpContext;
httpContext.CleanCache();
//set up attr
var attr = new PreventFloodAttribute(typeof(EmptyResult));
attr.Config.SpamPrevention.FloodControl.TimeBetweenPosts = 5;
attr.Config.SpamPrevention.FloodControl.IgnoreForRole = UserRole.Moderator; //ignore for moderator or admin
var session = new SessionWrapper(httpContext);
session.SetUser(new User() { Role = UserRole.Moderator }, AuthenticationProvider.CustomDb);
//first execution
attr.OnActionExecuting(executingFilterContext);
Assert.AreNotEqual<bool?>(true, (bool?)controller.ViewBag.ShowCaptcha);
attr.OnActionExecuted(executedfilterContext);
//second execution: must NOT be considered as flooding
attr.OnActionExecuting(executingFilterContext);
Assert.AreNotEqual<bool?>(true, (bool?)controller.ViewBag.ShowCaptcha);
attr.OnActionExecuted(executedfilterContext);
}
public void ValidateReadAccessAttribute_Test()
{
var controller = TestHelper.Resolve<TopicsController>();
var controllerContext = new FakeControllerContext(controller, "http://localhost");
var filterContext = new ActionExecutedContext(controllerContext, new FakeActionDescriptor(), false, null);
var att = new ValidateReadAccessAttribute();
filterContext.Result = new ViewResult();
controller.ViewData.Model = new Topic();
att.OnActionExecuted(filterContext);
//The user should see the content
Assert.IsTrue(filterContext.Result is ViewResult);
filterContext.Result = new ViewResult();
controller.ViewData.Model = new Topic() { ReadAccessRole = UserRole.Moderator};
att.OnActionExecuted(filterContext);
//The user should be redirected
Assert.IsTrue(filterContext.Result is RedirectToRouteResult);
}
public void PreventFloodAttribute_Time_Test()
{
//set up context
var controller = TestHelper.Resolve<MessagesController>();
var controllerContext = new FakeControllerContext(controller, "http://localhost");
var executingFilterContext = new ActionExecutingContext(controllerContext, new FakeActionDescriptor(), new Dictionary<string, object>());
var executedfilterContext = new ActionExecutedContext(controllerContext, new FakeActionDescriptor(), false, null);
var httpContext = (FakeHttpContext)controllerContext.HttpContext;
httpContext.CleanCache();
//set up attr
var attr = new PreventFloodAttribute(typeof(EmptyResult));
attr.Config.SpamPrevention.FloodControl.TimeBetweenPosts = 5;
attr.Config.SpamPrevention.FloodControl.IgnoreForRole = (UserRole) Int16.MaxValue; //do not ignore
//first execution
attr.OnActionExecuting(executingFilterContext);
Assert.AreNotEqual<bool?>(true, (bool?)controller.ViewBag.ShowCaptcha);
attr.OnActionExecuted(executedfilterContext);
//second execution: must be considered as flooding
attr.OnActionExecuting(executingFilterContext);
Assert.AreEqual<bool?>(true, (bool?)controller.ViewBag.ShowCaptcha);
attr.OnActionExecuted(executedfilterContext);
}
public void Topic_Add_Delete_Test()
{
var controller = TestHelper.Resolve<TopicsController>();
var controllerContext = new FakeControllerContext(controller, "http://localhost", null, null, new System.Collections.Specialized.NameValueCollection(), new System.Collections.Specialized.NameValueCollection(), new System.Web.HttpCookieCollection(), ForumsControllerTest.GetSessionWithTestUser());
controller.ControllerContext = controllerContext;
ActionResult result = null;
var forum = ForumsControllerTest.GetAForum();
result = controller.Add(forum.ShortName, new Topic(), true, "*****@*****.**");
Assert.IsFalse(result is RedirectToRouteResult); //controller should display the same page to correct error.
//Create a valid topic
var t = new Topic();
t.Title = "Unit testing " + TestContext.TestName;
t.Description = "This is a sample topic from unit testing project.";
t.Tags = new TagList("test");
t.ShortName = t.Title.ToUrlSegment(64);
t.User = controller.User.ToUser();
t.Forum = forum;
controller = TestHelper.Resolve<TopicsController>();
controller.ControllerContext = controllerContext;
controller.Url = new UrlHelper(controllerContext.RequestContext);
result = controller.Add(forum.ShortName, t, true, "*****@*****.**");
int topicId = t.Id;
Assert.IsTrue(topicId > 0);
result = controller.Delete(topicId, t.ShortName, t.Forum.ShortName);
Assert.IsTrue(result is JsonResult);
t = TestHelper.Resolve<ITopicsService>().Get(topicId);
Assert.IsNull(t);
}
public void TagList_Test()
{
#region Create a valid topic and controller
TopicsController controller = TestHelper.Resolve<TopicsController>();
var controllerContext = new FakeControllerContext(controller, "http://localhost", null, null, new System.Collections.Specialized.NameValueCollection(), new System.Collections.Specialized.NameValueCollection(), new System.Web.HttpCookieCollection(), ForumsControllerTest.GetSessionWithTestUser());
controller.ControllerContext = controllerContext;
controller.Url = new UrlHelper(controllerContext.RequestContext);
Forum forum = ForumsControllerTest.GetAForum();
//Create a valid topic
Topic t = new Topic();
t.Title = "Unit testing " + TestContext.TestName;
t.Description = "This is a sample topic from unit testing project.";
t.Tags = new TagList("test");
t.ShortName = t.Title.ToUrlSegment(64);
t.User = controller.User.ToUser();
t.Forum = forum;
#endregion
TagListTestHelper(true, "hola mundo", 2, t, forum.ShortName, controller);
TagListTestHelper(true, "hola mundo", 2, t, forum.ShortName, controller);
TagListTestHelper(true, "hola mundo", 2, t, forum.ShortName, controller);
TagListTestHelper(false, "NOTho}la", 1, t, forum.ShortName, controller);
TagListTestHelper(true, " tag1 tag2 tag3 tag4 tag5 tag6", 6, t, forum.ShortName, controller);
TagListTestHelper(true, "tabbedtag1 tag2 tag3 tag4 tag5 tag6 ", 6, t, forum.ShortName, controller);
TagListTestHelper(true, "tagdott tag2 tag3 asp.net tag", 5, t, forum.ShortName, controller);
TagListTestHelper(false, "NOTtag tag tagtag3 tag4 tag5 tag6 tag7 tag8", 8, t, forum.ShortName, controller);
TagListTestHelper(true, "repeated tag tag tag4 tag5 tagthisislong6", 5, t, forum.ShortName, controller);
TagListTestHelper(true, "tag tag2 tagtag3 tag4 tag5 tagthis_islmiddlescore--ong6", 6, t, forum.ShortName, controller);
}
public void User_Warn_Dismiss_Test()
{
var controller = TestHelper.Resolve<UsersController>();
var context = new FakeControllerContext(controller);
var sessionWrapper = new SessionWrapper(context.HttpContext);
sessionWrapper.SetUser(ServicesTests.GetTestUser(), AuthenticationProvider.CustomDb);
controller.ControllerContext = context;
controller.WarnDismiss();
//True if a record was affected.
Assert.IsTrue((bool)controller.ViewData.Model);
}
public void User_Manage_Access_Test()
{
var controller = TestHelper.Resolve<UsersController>();
var context = new FakeControllerContext(controller);
var sessionWrapper = new SessionWrapper(context.HttpContext);
sessionWrapper.SetUser(new User() { Role = UserRole.Member }, AuthenticationProvider.CustomDb);
controller.ControllerContext = context;
try
{
controller.Ban(0, ModeratorReason.Spamming, null);
Assert.Fail("The user banning is not a moderator or admin");
}
catch (System.Security.SecurityException)
{
}
}
