public void DFriended_User_WhenAskedForKey_ReturnsFriended_User_ID()
{
//Arrange: A friended user with a unique key is constructed.
DFriended_User friended_user = new DFriended_User { Friended_User_ID = -1 };
//Act: the key is retrieved.
int key = friended_user.key;
//Assert: the key is the same as the friended user's ID.
Assert.AreEqual(key, friended_user.Friended_User_ID);
}
public void DFriended_UserWithSqlMembers_WhenScrubbed_BecomesSafe()
{
//Arrange: A friended user with malicious html and sql members is constructed.
string malicious = "1');DELETE TABLE dbo.example;--";
DFriended_User friended_user = new DFriended_User{
username = malicious,
Author_Name = malicious
};
//Act: The friended user is scrubbed.
friended_user.Scrub();
//Assert: The friended user has no html in its members.
Assert.AreNotEqual(malicious, friended_user.username);
Assert.AreNotEqual(malicious, friended_user.Author_Name);
}
public void DFriended_UserWithHtmlMembers_WhenScrubbed_BecomesSafe()
{
//Arrange: A friended user with malicious sql members is constructed.
string malicious = "<div></div>";
DFriended_User friended_user = new DFriended_User{
username = malicious,
Author_Name = malicious
};
//Act: The friended user is scrubbed.
friended_user.Scrub();
//Assert: The friended user has no html in its members.
Assert.AreNotEqual(malicious, friended_user.username);
Assert.AreNotEqual(malicious, friended_user.Author_Name);
}
public IEnumerable<DFriended_User> Friended_User_Create(
DFriended_User creating, string username)
{
IDataRepository<DFriended_User> friended_users =
RepositoryFactory.Instance.Construct<DFriended_User>(username);
friended_users.Create(creating);
return friended_users;
}
public ActionResult FriendedUser_Delete(DFriended_User deleting)
{
service.Friended_User_Delete(deleting, User.Identity.Name);
return View("Index");
}
public ActionResult FriendedUser_Create(DFriended_User creating)
{
service.Friended_User_Create(creating, User.Identity.Name);
return View("Index");
}
