public async Task ResponceExpirationIsInTheFuturePostSignUp() { var now = new BsonDateTime(DateTime.UtcNow); var accessMock = new Mock <IRepository <AccessTokenSchema> >(); var result = new Task <AccessTokenSchema>(() => { return(new AccessTokenSchema { CreatedAt = new BsonDateTime(DateTime.UtcNow), Role = RoleOptions.Admin, }); }); result.Start(); accessMock.Setup(a => a.FindOne(It.IsAny <FilterDefinition <AccessTokenSchema> >())) .Returns(result) .Verifiable(); var client = CustomHost.Create(accessMock); var request = CustomRequest.Create(HttpMethod.Post, "/authentication/signUps"); var response = await client.SendAsync(request); response.EnsureSuccessStatusCode(); var body = await response.Content.ReadAsStringAsync(); var data = BsonSerializer.Deserialize <SignUpTokenResponce>(body); Assert.True(data.Expiration > now, "SignUp expiration data is before the current time."); }
public async Task BadAccessTokenIsUnauthorizedPresecurity(string value) { var accessMock = new Mock <IRepository <AccessTokenSchema> >(); var result = new Task <AccessTokenSchema>(() => { return(null); }); result.Start(); accessMock.Setup(a => a.FindOne(It.IsAny <FilterDefinition <AccessTokenSchema> >())) .Returns(result) .Verifiable(); var client = CustomHost.Create(accessMock); var request = CustomRequest.Create(HttpMethod.Post, "/authentication/signUps/", false); request.Headers.TryAddWithoutValidation("Cookie", "ExperienceCapture-Access-Token=" + value); var response = await client.SendAsync(request); Assert.True( response.StatusCode == HttpStatusCode.Unauthorized, "Triggering pre-security with a bad token is not unauthorized."); }
public async Task AnyStringIsAllowedPostTag(string value) { var sessionMock = new Mock <IRepository <SessionSchema> >(); var result = new Task <SessionSchema>(() => { return(new SessionSchema { InternalId = ObjectId.GenerateNewId(), Id = string.Empty, User = null, CreatedAt = new BsonDateTime(DateTime.UtcNow), Tags = new List <string>(), }); }); result.Start(); sessionMock.Setup(s => s.FindById(It.IsAny <string>())) .Returns(result) .Verifiable("A session was never searched for."); var client = CustomHost.Create(sessionMock: sessionMock); var request = CustomRequest.Create(HttpMethod.Post, $"/sessions/EXEX/tags/{value}"); var response = await client.SendAsync(request); response.EnsureSuccessStatusCode(); }
public async Task EmptyTagIsNotFoundPostTags() { var sessionMock = new Mock <IRepository <SessionSchema> >(); var result = new Task <SessionSchema>(() => { return(new SessionSchema { InternalId = ObjectId.GenerateNewId(), Id = string.Empty, User = null, CreatedAt = new BsonDateTime(DateTime.UtcNow), Tags = new List <string>(), }); }); result.Start(); sessionMock.Setup(s => s.FindById(It.IsAny <string>())) .Returns(result) .Verifiable("A session was never searched for."); var client = CustomHost.Create(sessionMock: sessionMock); var request = CustomRequest.Create(HttpMethod.Post, $"/sessions/EXEX/tags/"); var response = await client.SendAsync(request); Assert.True( response.StatusCode == HttpStatusCode.NotFound, "Tagging a an empty is not 'not found'."); }
public async Task UpdateIsCalledDeleteTag() { var sessionMock = new Mock <IRepository <SessionSchema> >(); var result = new Task <SessionSchema>(() => { return(new SessionSchema { InternalId = ObjectId.GenerateNewId(), Id = string.Empty, User = null, CreatedAt = new BsonDateTime(DateTime.UtcNow), Tags = new List <string>(), }); }); result.Start(); sessionMock.Setup(s => s.FindById(It.IsAny <string>())) .Returns(result) .Verifiable("A session was never searched for."); // For some reason Verify() doesn't work sessionMock.Setup( s => s.Update( It.IsAny <FilterDefinition <SessionSchema> >(), It.IsAny <UpdateDefinition <SessionSchema> >())) .Verifiable("A session was never updated."); var client = CustomHost.Create(sessionMock: sessionMock); var request = CustomRequest.Create(HttpMethod.Delete, $"/sessions/EXEX/tags/test"); var response = await client.SendAsync(request); response.EnsureSuccessStatusCode(); }
public async Task OtherMethodsExport(string input) { var client = CustomHost.Create(); var requestPut = CustomRequest.Create(HttpMethod.Put, $"/sessions/EXEX/export{input}"); var responsePut = await client.SendAsync(requestPut); Assert.True( responsePut.StatusCode == HttpStatusCode.MethodNotAllowed, "Putting export is an allowed method."); var requestPatch = CustomRequest.Create(HttpMethod.Patch, $"/sessions/EXEX/export{input}"); var responsePatch = await client.SendAsync(requestPatch); Assert.True( responsePatch.StatusCode == HttpStatusCode.MethodNotAllowed, "Patching export is an allowed method."); var requestDelete = CustomRequest.Create(HttpMethod.Patch, $"/sessions/EXEX/export{input}"); var responseDelete = await client.SendAsync(requestDelete); Assert.True( responseDelete.StatusCode == HttpStatusCode.MethodNotAllowed, "Deleting export is an allowed method."); }
public async Task OtherMethodsSignUp(string input) { var client = CustomHost.Create(); var requestPut = CustomRequest.Create(HttpMethod.Put, $"/authentication/signUps{input}"); var responsePut = await client.SendAsync(requestPut); Assert.True( responsePut.StatusCode == HttpStatusCode.MethodNotAllowed, "Putting SignUp is an allowed method."); var requestPatch = CustomRequest.Create(HttpMethod.Patch, $"/authentication/signUps{input}"); var responsePatch = await client.SendAsync(requestPatch); Assert.True( responsePatch.StatusCode == HttpStatusCode.MethodNotAllowed, "Patching SignUp is an allowed method."); var requestGet = CustomRequest.Create(HttpMethod.Get, $"/authentication/signUps{input}"); var responseGet = await client.SendAsync(requestGet); Assert.True( responseGet.StatusCode == HttpStatusCode.MethodNotAllowed, "Gettings SignUp is an allowed method."); var requestDelete = CustomRequest.Create(HttpMethod.Delete, $"/authentication/signUps{input}"); var responseDelete = await client.SendAsync(requestDelete); Assert.True( responseDelete.StatusCode == HttpStatusCode.MethodNotAllowed, "Deleting SignUp is an allowed method."); }
public async Task CorrectContentGetExport() { var sessionMock = new Mock <IRepository <SessionSchema> >(); var result = new Task <SessionSchema>(() => { return(new SessionSchema { InternalId = null, Id = null, User = null, CreatedAt = null, Tags = null, ExportState = ExportOptions.Done, }); }); result.Start(); sessionMock.Setup(a => a.FindById(It.IsAny <string>())) .Returns(result) .Verifiable("A session was never searched for."); var client = CustomHost.Create(sessionMock: sessionMock); var request = CustomRequest.Create(HttpMethod.Get, "/sessions/EXEX/export"); var response = await client.SendAsync(request); response.EnsureSuccessStatusCode(); Assert.Equal( "application/zip", response.Content.Headers.ContentType.ToString()); }
public async Task UpdateIsCalledPostExport() { var sessionMock = new Mock <IRepository <SessionSchema> >(); var result = new Task <SessionSchema>(() => { return(new SessionSchema { InternalId = null, Id = null, User = null, CreatedAt = null, Tags = null, }); }); result.Start(); sessionMock.Setup(s => s.FindById(It.IsAny <string>())) .Returns(result) .Verifiable("A session was never searched for."); sessionMock.Setup(s => s.Update( It.IsAny <FilterDefinition <SessionSchema> >(), It.IsAny <UpdateDefinition <SessionSchema> >())) .Verifiable("A session was never updated for."); var client = CustomHost.Create(sessionMock: sessionMock); var request = CustomRequest.Create(HttpMethod.Post, "/sessions/EXEX/export"); var response = await client.SendAsync(request); response.EnsureSuccessStatusCode(); }
public async Task IsBrokenGetExport() { var sessionMock = new Mock <IRepository <SessionSchema> >(); var result = new Task <SessionSchema>(() => { return(new SessionSchema { InternalId = null, Id = null, User = null, CreatedAt = null, Tags = null, ExportState = ExportOptions.Error, }); }); result.Start(); sessionMock.Setup(a => a.FindById(It.IsAny <string>())) .Returns(result) .Verifiable("A session was never searched for."); var client = CustomHost.Create(sessionMock: sessionMock); var request = CustomRequest.Create(HttpMethod.Get, "/sessions/EXEX/export"); var response = await client.SendAsync(request); Assert.True( response.StatusCode == HttpStatusCode.InternalServerError, "Getting export is not 'internal server error'."); }
public async Task ResponceIsOkDeleteTags() { var sessionMock = new Mock <IRepository <SessionSchema> >(); var result = new Task <SessionSchema>(() => { return(new SessionSchema { InternalId = ObjectId.GenerateNewId(), Id = string.Empty, User = null, CreatedAt = new BsonDateTime(DateTime.UtcNow), Tags = new List <string>(), }); }); result.Start(); sessionMock.Setup(s => s.FindById(It.IsAny <string>())) .Returns(result) .Verifiable("A session was never searched for."); var client = CustomHost.Create(sessionMock: sessionMock); var request = CustomRequest.Create(HttpMethod.Delete, $"/sessions/EXEX/tags/test"); var response = await client.SendAsync(request); response.EnsureSuccessStatusCode(); Assert.Equal( "text/plain; charset=utf-8", response.Content.Headers.ContentType.ToString()); Assert.True( await response.Content.ReadAsStringAsync() == "OK", "Tagging does not have a body of 'OK'."); }
public async Task BsonTypeIsCorrect() { var sessionMock = new Mock <IRepository <SessionSchema> >(); var result = new Task <SessionSchema>(() => { return(new SessionSchema() { User = new PersonSchema { }, }); }); result.Start(); sessionMock.Setup(s => s.FindById(It.IsAny <string>())) .Returns(result) .Verifiable("A session was never searched for."); var client = CustomHost.Create(sessionMock: sessionMock); var request = CustomRequest.Create(HttpMethod.Get, "/sessions/EXEX?bson=true"); var response = await client.SendAsync(request); Assert.Equal( "application/bson", response.Content.Headers.ContentType.ToString()); }
public async Task MultipleRoutesPostSignUp(string input) { var accessMock = new Mock <IRepository <AccessTokenSchema> >(); var result = new Task <AccessTokenSchema>(() => { return(new AccessTokenSchema { CreatedAt = new BsonDateTime(DateTime.UtcNow), Role = RoleOptions.Admin, }); }); result.Start(); accessMock.Setup(a => a.FindOne(It.IsAny <FilterDefinition <AccessTokenSchema> >())) .Returns(result) .Verifiable(); var client = CustomHost.Create(accessMock); var request = CustomRequest.Create(HttpMethod.Post, $"/authentication/signUps{input}"); var response = await client.SendAsync(request); response.EnsureSuccessStatusCode(); }
public async Task ExpiredTokenIsUnauthorizedPresecurity(int value) { var accessMock = new Mock <IRepository <AccessTokenSchema> >(); var result = new Task <AccessTokenSchema>(() => { return(new AccessTokenSchema { InternalId = ObjectId.GenerateNewId(), Hash = string.Empty, User = ObjectId.GenerateNewId(), CreatedAt = new BsonDateTime(DateTime.UtcNow.AddSeconds(-value)), Role = RoleOptions.Admin, }); }); result.Start(); accessMock.Setup(a => a.FindOne(It.IsAny <FilterDefinition <AccessTokenSchema> >())) .Returns(result) .Verifiable(); var client = CustomHost.Create(accessMock); var request = CustomRequest.Create(HttpMethod.Post, "/authentication/signUps/", false); request.Headers.TryAddWithoutValidation("Cookie", "ExperienceCapture-Access-Token=" + "ok"); var response = await client.SendAsync(request); Assert.True( response.StatusCode == HttpStatusCode.Unauthorized, "Triggering pre-security with an expired token is not unauthorized."); }
public async Task MultiplePathsAcceptedGetExport(string input) { var sessionMock = new Mock <IRepository <SessionSchema> >(); var result = new Task <SessionSchema>(() => { return(new SessionSchema { InternalId = null, Id = null, User = null, CreatedAt = null, Tags = null, ExportState = ExportOptions.Done, }); }); result.Start(); sessionMock.Setup(a => a.FindById(It.IsAny <string>())) .Returns(result) .Verifiable("A session was never searched for."); var client = CustomHost.Create(sessionMock: sessionMock); var request = CustomRequest.Create(HttpMethod.Get, $"/sessions/EXEX/export{input}"); var response = await client.SendAsync(request); response.EnsureSuccessStatusCode(); }
public async Task ResponceIsValidBsonPostSignUp(string input) { var accessMock = new Mock <IRepository <AccessTokenSchema> >(); var result = new Task <AccessTokenSchema>(() => { return(new AccessTokenSchema { CreatedAt = new BsonDateTime(DateTime.UtcNow), Role = RoleOptions.Admin, }); }); result.Start(); accessMock.Setup(a => a.FindOne(It.IsAny <FilterDefinition <AccessTokenSchema> >())) .Returns(result) .Verifiable(); var client = CustomHost.Create(accessMock); var request = CustomRequest.Create(HttpMethod.Post, $"/authentication/signUps{input}bson=true"); var response = await client.SendAsync(request); response.EnsureSuccessStatusCode(); var body = await response.Content.ReadAsByteArrayAsync(); var data = BsonSerializer.Deserialize <SignUpTokenResponce>(body); Assert.False(data == null, "SignUp data is null."); Assert.False(data.SignUpToken == null, "SignUp token data is null."); Assert.False(data.SignUpToken == string.Empty, "SignUp token data is empty."); Assert.False(data.Expiration == null, "SignUp expiration data is null."); }
public async Task AddIsCalledPostSignUp() { var accessMock = new Mock <IRepository <AccessTokenSchema> >(); var result = new Task <AccessTokenSchema>(() => { return(new AccessTokenSchema { InternalId = ObjectId.GenerateNewId(), Hash = string.Empty, User = ObjectId.GenerateNewId(), // A day so the token can't expire while running CreatedAt = new BsonDateTime(DateTime.UtcNow.AddSeconds(86400)), Role = RoleOptions.Admin, }); }); result.Start(); accessMock.Setup(a => a.FindOne(It.IsAny <FilterDefinition <AccessTokenSchema> >())) .Returns(result); accessMock.Setup(s => s.Add(It.IsAny <AccessTokenSchema>())) .Verifiable("An access token is never added."); var client = CustomHost.Create(accessMock: accessMock); var request = CustomRequest.Create(HttpMethod.Post, "/authentication/signUps"); var response = await client.SendAsync(request); response.EnsureSuccessStatusCode(); }
public async Task IsOkIfFoundPostExport() { var sessionMock = new Mock <IRepository <SessionSchema> >(); var result = new Task <SessionSchema>(() => { return(new SessionSchema { InternalId = null, Id = null, User = null, CreatedAt = null, Tags = null, }); }); result.Start(); sessionMock.Setup(a => a.FindById(It.IsAny <string>())) .Returns(result) .Verifiable("A session was never searched for."); var client = CustomHost.Create(sessionMock: sessionMock); var request = CustomRequest.Create(HttpMethod.Post, "/sessions/EXEX/export"); var response = await client.SendAsync(request); response.EnsureSuccessStatusCode(); var body = await response.Content.ReadAsStringAsync(); Assert.True( body == "OK", "Posting export responce is not 'OK'."); }
public async Task RequiresAccessPostExport() { var client = CustomHost.Create(); var request = CustomRequest.Create(HttpMethod.Post, "/sessions/EXEX/export", false); var response = await client.SendAsync(request); Assert.True( response.StatusCode == HttpStatusCode.BadRequest, "Posting an export is a bad request without access token."); }
public async Task RequiresAccessPostSignUp() { var client = CustomHost.Create(); var request = CustomRequest.Create(HttpMethod.Post, "/authentication/signUps", false); var response = await client.SendAsync(request); Assert.True( response.StatusCode == HttpStatusCode.BadRequest, "Creating a sign-up token is a not bad request without access token."); }
public async Task MissingUserIsNotFoundGetUser() { var client = CustomHost.Create(); var request = CustomRequest.Create(HttpMethod.Get, "/users/1234567890987654321/", false); var response = await client.SendAsync(request); Assert.True( response.StatusCode == HttpStatusCode.BadRequest, "Getting a user is not 'not found' when missing."); }
public async Task RequiresAccessGetUser() { var client = CustomHost.Create(); var request = CustomRequest.Create(HttpMethod.Get, "/users/1234567890987654321/", false); var response = await client.SendAsync(request); Assert.True( response.StatusCode == HttpStatusCode.BadRequest, "Getting a user is not a bad request without access token."); }
public async Task IllegalUrlIsNotFoundDelete(string input) { var client = CustomHost.Create(); var request = CustomRequest.Create(HttpMethod.Delete, input); var response = await client.SendAsync(request); Assert.True( response.StatusCode == HttpStatusCode.NotFound, $"The following illegal url is allowed: {input}"); }
public async Task IsNotFoundPostExport() { var client = CustomHost.Create(); var request = CustomRequest.Create(HttpMethod.Post, "/sessions/EXEX/export"); var response = await client.SendAsync(request); Assert.True( response.StatusCode == HttpStatusCode.NotFound, "Posting an export missing session is not 'not found'."); }
public async Task RequiresAccessDeleteTag() { var client = CustomHost.Create(); var request = CustomRequest.Create(HttpMethod.Post, "/sessions/EXEX/tags/test", false); var response = await client.SendAsync(request); Assert.True( response.StatusCode == HttpStatusCode.BadRequest, "Tagging is a bad request without token."); }
public async Task ContentLengthIsCorrectGetExport() { var sessionMock = new Mock <IRepository <SessionSchema> >(); var result = new Task <SessionSchema>(() => { return(new SessionSchema { InternalId = null, Id = null, User = null, CreatedAt = null, Tags = null, ExportState = ExportOptions.Done, }); }); result.Start(); sessionMock.Setup(a => a.FindById(It.IsAny <string>())) .Returns(result) .Verifiable("A session was never searched for."); var minioMock = new Mock <IMinioClient>(); UTF8Encoding utf8 = new UTF8Encoding(); var content = "test"; var bytes = new Task <byte[]>(() => { return(utf8.GetBytes(content)); }); bytes.Start(); minioMock.Setup(m => m.GetBytesAsync( It.IsAny <string>(), It.IsAny <string>())) .Returns(bytes) .Verifiable("Export did not call GetBytesAsync."); var client = CustomHost.Create(sessionMock: sessionMock, objectStoreMock: minioMock); var request = CustomRequest.Create(HttpMethod.Get, "/sessions/EXEX/export"); var response = await client.SendAsync(request); response.EnsureSuccessStatusCode(); var body = await response.Content.ReadAsByteArrayAsync(); Assert.True( body.Length == utf8.GetBytes(content).Length, "The Content-Length header has a different length from the content."); }
public async Task RespondsWithCorrectStreamGetExport(string input) { var sessionMock = new Mock <IRepository <SessionSchema> >(); var result = new Task <SessionSchema>(() => { return(new SessionSchema { InternalId = null, Id = null, User = null, CreatedAt = null, Tags = null, ExportState = ExportOptions.Done, }); }); result.Start(); sessionMock.Setup(a => a.FindById(It.IsAny <string>())) .Returns(result) .Verifiable("A session was never searched for."); var minioMock = new Mock <IMinioClient>(); UTF8Encoding utf8 = new UTF8Encoding(); var bytes = new Task <byte[]>(() => { return(utf8.GetBytes(input)); }); bytes.Start(); minioMock.Setup(m => m.GetBytesAsync( It.IsAny <string>(), It.IsAny <string>())) .Returns(bytes) .Verifiable("Export did not call GetBytesAsync."); var client = CustomHost.Create(sessionMock: sessionMock, objectStoreMock: minioMock); var request = CustomRequest.Create(HttpMethod.Get, "/sessions/EXEX/export"); var response = await client.SendAsync(request); response.EnsureSuccessStatusCode(); var body = await response.Content.ReadAsStringAsync(); Assert.True(body == input, "Export responce is not the given stream."); }
public async Task NullStreamIsErrorGetExport() { var sessionMock = new Mock <IRepository <SessionSchema> >(); var result = new Task <SessionSchema>(() => { return(new SessionSchema { InternalId = null, Id = null, User = null, CreatedAt = null, Tags = null, ExportState = ExportOptions.Done, }); }); result.Start(); sessionMock.Setup(a => a.FindById(It.IsAny <string>())) .Returns(result) .Verifiable("A session was never searched for."); var minioMock = new Mock <IMinioClient>(); UTF8Encoding utf8 = new UTF8Encoding(); var bytes = new Task <byte[]>(() => { return(null); }); bytes.Start(); minioMock.Setup(m => m.GetBytesAsync( It.IsAny <string>(), It.IsAny <string>())) .Returns(bytes) .Verifiable("Export did not call GetBytesAsync."); var client = CustomHost.Create(sessionMock: sessionMock, objectStoreMock: minioMock); var request = CustomRequest.Create(HttpMethod.Get, "/sessions/EXEX/export"); await Assert.ThrowsAsync <ArgumentNullException>(async() => { await client.SendAsync(request); }); }
public async Task NonSameUserIsUnauthorizedGetUser() { var firstId = ObjectId.GenerateNewId(); var secondId = ObjectId.GenerateNewId(); var accessMock = new Mock <IRepository <AccessTokenSchema> >(); var result = new Task <AccessTokenSchema>(() => { return(new AccessTokenSchema { CreatedAt = new BsonDateTime(DateTime.UtcNow.AddSeconds(86400)), Role = RoleOptions.Normal, User = firstId, }); }); result.Start(); accessMock.Setup(a => a.FindOne(It.IsAny <FilterDefinition <AccessTokenSchema> >())) .Returns(result) .Verifiable(); var personMock = new Mock <IRepository <PersonSchema> >(); var personResult = new Task <PersonSchema>(() => { return(new PersonSchema() { InternalId = secondId, }); }); personResult.Start(); personMock.Setup(p => p.FindById(It.IsAny <string>())) .Returns(personResult) .Verifiable("A person is never searched for."); var client = CustomHost.Create(accessMock: accessMock, personMock: personMock); var request = CustomRequest.Create(HttpMethod.Get, "/users/1234567890987654321/"); var response = await client.SendAsync(request); Assert.True( response.StatusCode == HttpStatusCode.Unauthorized, "Getting a user is not unauthorized when it is not the same."); }
public async Task UpdateIsCalledGetUser() { var accessMock = new Mock <IRepository <AccessTokenSchema> >(); var result = new Task <AccessTokenSchema>(() => { return(new AccessTokenSchema { CreatedAt = new BsonDateTime(DateTime.UtcNow.AddSeconds(86400)), Role = RoleOptions.Admin, }); }); result.Start(); accessMock.Setup(a => a.FindOne(It.IsAny <FilterDefinition <AccessTokenSchema> >())) .Returns(result) .Verifiable(); var personMock = new Mock <IRepository <PersonSchema> >(); var personResult = new Task <PersonSchema>(() => { return(new PersonSchema() { }); }); personResult.Start(); personMock.Setup(p => p.FindById(It.IsAny <string>())) .Returns(personResult) .Verifiable("A person is never searched for."); personMock.Setup(p => p.Update( It.IsAny <FilterDefinition <PersonSchema> >(), It.IsAny <UpdateDefinition <PersonSchema> >())) .Verifiable("A person is never updated."); var client = CustomHost.Create(accessMock: accessMock, personMock: personMock); var request = CustomRequest.Create(HttpMethod.Delete, "/users/1234567890987654321/"); var response = await client.SendAsync(request); response.EnsureSuccessStatusCode(); }