public IEnumerable<DAvatar> Avatar_Update(DAvatar updating) { IDataRepository<DAvatar> avatars = RepositoryFactory.Instance.Construct<DAvatar>(); avatars.Update(updating); return avatars; }
public IEnumerable<DAvatar> Avatar_Delete(DAvatar deleting) { IDataRepository<DAvatar> avatars = RepositoryFactory.Instance.Construct<DAvatar>(); avatars.Delete(deleting); return avatars; }
public void DAvatar_WhenAskedForKey_ReturnsEmail_ID() { //Arrange: An avatar with a unique key is constructed. DAvatar avatar = new DAvatar { Avatar_ID = -1 }; //Act: the key is retrieved. int key = avatar.key; //Assert: the key is the same as the friended user's ID. Assert.AreEqual(key, avatar.Avatar_ID); }
public void DAvatarWithSqlMembers_WhenScrubbed_BecomesSafe() { //Arrange: An avatar with malicious html and sql members is constructed. string malicious = "1');DELETE TABLE dbo.example;--"; DAvatar avatar = new DAvatar{ Name = malicious, Url = malicious }; //Act: The friended user is scrubbed. avatar.Scrub(); //Assert: The friended user has no html in its members. Assert.AreNotEqual(malicious, avatar.Name); Assert.AreNotEqual(malicious, avatar.Url); }
public void DAvatarWithHtmlMembers_WhenScrubbed_BecomesSafe() { //Arrange: An avatar with malicious sql members is constructed. string malicious = "<div></div>"; DAvatar avatar = new DAvatar{ Name = malicious, Url = malicious }; //Act: The friended user is scrubbed. avatar.Scrub(); //Assert: The friended user has no html in its members. Assert.AreNotEqual(malicious, avatar.Name); Assert.AreNotEqual(malicious, avatar.Url); }
public ActionResult Avatar_Update(DAvatar updating) { return View("Index"); }
public ActionResult Avatar_Delete(DAvatar deleting) { return View("Index"); }
public ActionResult Avatar_Create(DAvatar creating) { return View("Index"); }