/// <summary>
/// Checks that the add-owner confirmation includes a policy message when a
/// pending owner (fakes.ShaUser) carries the
/// <c>RequireSecurePushForCoOwnersPolicy</c> policies.
/// The policy message must name both the pending owner and the user being added.
/// </summary>
public void ReturnsDetailedConfirmationIfPendingOwnerPropagatesPolicy()
{
    // Arrange
    var fakes = Get<Fakes>();
    var controller = GetController<JsonApiController>();

    // The gallery owner address appears redacted in this listing; it is kept as-is.
    GetMock<IAppConfiguration>()
        .Setup(c => c.GalleryOwner)
        .Returns(new MailAddress("*****@*****.**"));

    // The request is made by the existing package owner.
    var callerPrincipal = Fakes.ToPrincipal(fakes.Owner);
    GetMock<HttpContextBase>()
        .Setup(c => c.User)
        .Returns(callerPrincipal);

    // The pending owner is the account that brings the co-owner policies with it.
    var coOwnerPolicy = new RequireSecurePushForCoOwnersPolicy();
    fakes.ShaUser.SecurityPolicies = coOwnerPolicy.Policies.ToList();

    var ownershipRequest = new PackageOwnerRequest();
    ownershipRequest.PackageRegistrationKey = fakes.Package.Key;
    ownershipRequest.NewOwner = fakes.ShaUser;

    var storedRequests = new[] { ownershipRequest }.AsQueryable();
    GetMock<IEntityRepository<PackageOwnerRequest>>()
        .Setup(r => r.GetAll())
        .Returns(storedRequests);

    // Act
    var actionResult = controller.GetAddPackageOwnerConfirmation(fakes.Package.Id, fakes.User.Username);
    var json = (JsonResult)actionResult;
    dynamic data = json.Data;

    // Assert: only the start of the message is pinned; the policy list that follows is not checked here.
    Assert.True(data.success);
    Assert.StartsWith(
        "Pending owner(s) 'testShaUser' has (have) the following requirements that will be enforced for all co-owners, including 'testUser', once ownership requests are accepted:",
        data.policyMessage);
}
/// <summary>
/// A principal built from a user with no roles must not be reported as an
/// administrator. The user is deliberately named "admin", so the test also
/// pins that the user name alone does not grant the administrator result.
/// </summary>
public void WhenNoAdminRoleClaim_ReturnsFalse()
{
    var namedAdminWithoutRole = new User("admin");
    var principal = Fakes.ToPrincipal(namedAdminWithoutRole);

    var isAdministrator = PrincipalExtensions.IsAdministrator(principal);

    Assert.False(isAdministrator);
}
/// <summary>
/// When a pending owner carries the co-owner secure-push policies but the user
/// being added is already reported as subscribed to
/// <c>SecurePushSubscription.Name</c>, the default confirmation text is expected
/// instead of a policy message.
/// </summary>
public void DoesNotReturnConfirmationIfPendingOwnerPropagatesButNewOwnerIsSubscribed()
{
    // Arrange
    var fakes = Get<Fakes>();
    var controller = GetController<JsonApiController>();

    // The gallery owner address appears redacted in this listing; it is kept as-is.
    GetMock<IAppConfiguration>()
        .Setup(c => c.GalleryOwner)
        .Returns(new MailAddress("*****@*****.**"));

    var callerPrincipal = Fakes.ToPrincipal(fakes.Owner);
    GetMock<HttpContextBase>()
        .Setup(c => c.User)
        .Returns(callerPrincipal);

    // The new owner already satisfies the policy, so nothing new would be imposed on them.
    GetMock<ISecurityPolicyService>()
        .Setup(s => s.IsSubscribed(fakes.User, SecurePushSubscription.Name))
        .Returns(true);

    var coOwnerPolicy = new RequireSecurePushForCoOwnersPolicy();
    fakes.ShaUser.SecurityPolicies = coOwnerPolicy.Policies.ToList();

    var ownershipRequest = new PackageOwnerRequest();
    ownershipRequest.PackageRegistrationKey = fakes.Package.Key;
    ownershipRequest.NewOwner = fakes.ShaUser;

    var storedRequests = new[] { ownershipRequest }.AsQueryable();
    GetMock<IEntityRepository<PackageOwnerRequest>>()
        .Setup(r => r.GetAll())
        .Returns(storedRequests);

    // Act
    var actionResult = controller.GetAddPackageOwnerConfirmation(fakes.Package.Id, fakes.User.Username);
    var json = (JsonResult)actionResult;
    dynamic data = json.Data;

    // Assert
    // NOTE(review): policyMessage itself is not asserted, so this test does not prove it is absent or empty.
    Assert.True(data.success);
    Assert.StartsWith("Please confirm if you would like to proceed adding 'testUser' as a co-owner of this package.", data.confirmation);
}
/// <summary>
/// Checks that the add-owner confirmation includes a policy message when a
/// pending owner (fakes.ShaUser) carries the
/// <c>RequireSecurePushForCoOwnersPolicy</c> policies. The pending request is
/// served by <c>IPackageOwnerRequestService.GetPackageOwnershipRequests</c>.
/// </summary>
public void ReturnsDetailedConfirmationIfPendingOwnerPropagatesPolicy()
{
    // Arrange
    var fakes = Get<Fakes>();
    var controller = GetController<JsonApiController>();

    // The request is made by the existing package owner.
    var callerPrincipal = Fakes.ToPrincipal(fakes.Owner);
    GetMock<HttpContextBase>()
        .Setup(c => c.User)
        .Returns(callerPrincipal);

    // The pending owner is the account that brings the co-owner policies with it.
    var coOwnerPolicy = new RequireSecurePushForCoOwnersPolicy();
    fakes.ShaUser.SecurityPolicies = coOwnerPolicy.Policies.ToList();

    var ownershipRequest = new PackageOwnerRequest();
    ownershipRequest.PackageRegistration = fakes.Package;
    ownershipRequest.PackageRegistrationKey = fakes.Package.Key;
    ownershipRequest.NewOwner = fakes.ShaUser;
    ownershipRequest.NewOwnerKey = fakes.ShaUser.Key;

    // The setup matches only a lookup by package with both other arguments null.
    var pendingRequests = new[] { ownershipRequest };
    GetMock<IPackageOwnerRequestService>()
        .Setup(p => p.GetPackageOwnershipRequests(fakes.Package, null, null))
        .Returns(pendingRequests);

    // Act
    var actionResult = controller.GetAddPackageOwnerConfirmation(fakes.Package.Id, fakes.User.Username);
    var json = (JsonResult)actionResult;
    dynamic data = json.Data;

    // Assert: only the start of the message is pinned; the policy list that follows is not checked here.
    Assert.True(data.success);
    Assert.StartsWith(
        "Pending owner(s) 'testShaUser' has (have) the following requirements that will be enforced for all co-owners, including 'testUser', once ownership requests are accepted:",
        data.policyMessage);
}
/// <summary>
/// A principal built from a user that holds the "Admins" role must be reported
/// as an administrator.
/// </summary>
public void WhenAdminRoleClaim_ReturnsTrue()
{
    var adminRole = new Role();
    adminRole.Key = 1;
    adminRole.Name = "Admins";

    var user = new User("admin");
    user.Roles = new[] { adminRole };

    // How Fakes.ToPrincipal turns Roles into claims is not visible in this listing.
    var principal = Fakes.ToPrincipal(user);
    var isAdministrator = PrincipalExtensions.IsAdministrator(principal);

    Assert.True(isAdministrator);
}
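/// <summary>
/// Test helper: runs <c>AddPackageOwner</c> as fakes.Owner for fakes.User and
/// returns the policy message that was handed to
/// <c>IMessageService.SendPackageOwnerRequest</c>.
/// </summary>
/// <param name="fakes">Shared test fixtures (owner, user, package).</param>
/// <param name="userToSubscribe">
/// The user whose <c>SecurityPolicies</c> are set to the
/// <c>RequireSecurePushForCoOwnersPolicy</c> policies before the call.
/// </param>
/// <returns>The captured policy message; asserted to be non-empty before returning.</returns>
private async Task<string> GetSendPackageOwnerRequestPolicyMessage(Fakes fakes, User userToSubscribe)
{
    // Arrange
    var controller = GetController<JsonApiController>();

    GetMock<HttpContextBase>()
        .Setup(c => c.User)
        .Returns(Fakes.ToPrincipal(fakes.Owner));

    userToSubscribe.SecurityPolicies = new RequireSecurePushForCoOwnersPolicy().Policies.ToList();

    var packageOwnerRequestServiceMock = GetMock<IPackageOwnerRequestService>();
    packageOwnerRequestServiceMock
        .Setup(p => p.AddPackageOwnershipRequest(fakes.Package, fakes.Owner, fakes.User))
        .Returns(Task.FromResult(
            new PackageOwnerRequest
            {
                PackageRegistration = fakes.Package,
                RequestingOwner = fakes.Owner,
                NewOwner = fakes.User,
                ConfirmationCode = "confirmation-code"
            }))
        .Verifiable();

    // Capture the last argument (the policy message); every other argument must match exactly,
    // including the confirm and reject links that end in the mocked confirmation code.
    string actualMessage = string.Empty;
    GetMock<IMessageService>()
        .Setup(m => m.SendPackageOwnerRequest(
            fakes.Owner,
            fakes.User,
            fakes.Package,
            TestUtility.GallerySiteRootHttps + "packages/FakePackage/",
            TestUtility.GallerySiteRootHttps + "packages/FakePackage/owners/testUser/confirm/confirmation-code",
            TestUtility.GallerySiteRootHttps + "packages/FakePackage/owners/testUser/reject/confirmation-code",
            string.Empty,
            It.IsAny<string>()))
        .Callback<User, User, PackageRegistration, string, string, string, string, string>(
            (from, to, pkg, pkgUrl, cnfUrl, rjUrl, msg, policyMsg) => actualMessage = policyMsg);

    // Act
    JsonResult result = await controller.AddPackageOwner(fakes.Package.Id, fakes.User.Username, string.Empty);
    dynamic data = result.Data;

    // Assert
    Assert.True(data.success);
    Assert.False(string.IsNullOrEmpty(actualMessage));

    // The ownership-request setup is marked Verifiable, so it is verified here;
    // previously the expectation was declared but never checked.
    packageOwnerRequestServiceMock.Verify();

    return actualMessage;
}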
/// <summary>
/// Builds a mocked <c>HttpContextBase</c> whose OWIN environment carries the
/// given user, both under <c>Constants.CurrentUserOwinEnvironmentKey</c> and as
/// the request principal.
/// </summary>
/// <param name="user">The user to expose as the current user.</param>
/// <returns>The mocked context object.</returns>
private HttpContextBase CreateHttpContext(User user)
{
    // GetOwinContext reads the "owin.Environment" entry from Items, so it has to exist first.
    var items = new Dictionary<object, object>();
    items.Add("owin.Environment", new Dictionary<string, object>());

    var contextMock = new Mock<HttpContextBase>();
    contextMock.SetupGet(c => c.Items).Returns(items);

    HttpContextBase context = contextMock.Object;
    var owin = context.GetOwinContext();
    owin.Environment[Constants.CurrentUserOwinEnvironmentKey] = user;
    owin.Request.User = Fakes.ToPrincipal(user);

    return context;
}
/// <summary>
/// Adding an owner must create an ownership request, send the request e-mail
/// with the package, confirm and reject links, and report the new owner as
/// pending. The expected confirm and reject links end in the same value as the
/// mocked request's <c>ConfirmationCode</c>.
/// </summary>
public async Task CreatesPackageOwnerRequestSendsEmailAndReturnsPendingState()
{
    var fakes = Get<Fakes>();
    var controller = GetController<JsonApiController>();

    // The caller is the existing package owner.
    var httpContextMock = GetMock<HttpContextBase>();
    httpContextMock
        .Setup(c => c.User)
        .Returns(Fakes.ToPrincipal(fakes.Owner))
        .Verifiable();

    var createdRequest = new PackageOwnerRequest();
    createdRequest.ConfirmationCode = "confirmation-code";

    var ownerRequests = GetMock<IPackageOwnerRequestService>();
    ownerRequests
        .Setup(p => p.AddPackageOwnershipRequest(fakes.Package, fakes.Owner, fakes.User))
        .Returns(Task.FromResult(createdRequest))
        .Verifiable();

    // NOTE(review): the message contains '<' and the mail service is expected to receive the
    // identical string. If the controller is meant to HTML-encode the message before it is
    // mailed, the expected argument should be the encoded form. Confirm against the controller.
    var mailer = GetMock<IMessageService>();
    mailer
        .Setup(m => m.SendPackageOwnerRequest(
            fakes.Owner,
            fakes.User,
            fakes.Package,
            TestUtility.GallerySiteRootHttps + "packages/FakePackage/",
            TestUtility.GallerySiteRootHttps + "packages/FakePackage/owners/testUser/confirm/confirmation-code",
            TestUtility.GallerySiteRootHttps + "packages/FakePackage/owners/testUser/reject/confirmation-code",
            "Hello World! Html Encoded <3",
            ""))
        .Verifiable();

    JsonResult response = await controller.AddPackageOwner(fakes.Package.Id, fakes.User.Username, "Hello World! Html Encoded <3");
    dynamic data = response.Data;

    Assert.True(data.success);
    Assert.Equal(fakes.User.Username, data.name);
    Assert.True(data.pending);

    // All three collaborators must have been used exactly as set up.
    httpContextMock.Verify();
    ownerRequests.Verify();
    mailer.Verify();
}
/// <summary>
/// Requesting ownership for a user name that does not resolve to a user must
/// fail with the message "Owner not found.".
/// </summary>
public async Task ReturnsFailureWhenRequestedNewOwnerDoesNotExist()
{
    var fakes = Get<Fakes>();
    var controller = GetController<JsonApiController>();

    var callerPrincipal = Fakes.ToPrincipal(fakes.Owner);
    GetMock<HttpContextBase>()
        .Setup(c => c.User)
        .Returns(callerPrincipal);

    JsonResult response = await controller.AddPackageOwner(fakes.Package.Id, "notARealUser", "message");
    dynamic data = response.Data;

    Assert.False(data.success);
    Assert.Equal("Owner not found.", data.message);
}
/// <summary>
/// With no security policies set on any of the fixtures in this test, the
/// confirmation must be exactly the default text.
/// </summary>
public void ReturnsDefaultConfirmationIfNoPolicyPropagation()
{
    // Arrange
    var fakes = Get<Fakes>();
    var controller = GetController<JsonApiController>();

    var callerPrincipal = Fakes.ToPrincipal(fakes.Owner);
    GetMock<HttpContextBase>()
        .Setup(c => c.User)
        .Returns(callerPrincipal);

    // Act
    var actionResult = controller.GetAddPackageOwnerConfirmation(fakes.Package.Id, fakes.User.Username);
    var json = (JsonResult)actionResult;
    dynamic data = json.Data;

    // Assert: exact match, unlike the policy tests that only check a prefix.
    Assert.True(data.success);
    Assert.Equal("Please confirm if you would like to proceed adding 'testUser' as a co-owner of this package.", data.confirmation);
}
/// <summary>
/// Asking for a confirmation for a user name that does not resolve to a user
/// must fail with the message "Owner not found.".
/// </summary>
public void ReturnsFailureIfOwnerIsNotRealUser()
{
    // Arrange
    var fakes = Get<Fakes>();
    var controller = GetController<JsonApiController>();

    var callerPrincipal = Fakes.ToPrincipal(fakes.Owner);
    GetMock<HttpContextBase>()
        .Setup(c => c.User)
        .Returns(callerPrincipal);

    // Act
    var actionResult = controller.GetAddPackageOwnerConfirmation(fakes.Package.Id, "nonUser");
    var json = (JsonResult)actionResult;
    dynamic data = json.Data;

    // Assert
    Assert.False(data.success);
    Assert.Equal("Owner not found.", data.message);
}
/// <summary>
/// Adding an owner must create an ownership request through
/// <c>IPackageService.CreatePackageOwnerRequestAsync</c>, send the request
/// e-mail with the confirmation link, and report the new owner as pending.
/// The expected link ends in the same value as the mocked request's
/// <c>ConfirmationCode</c>.
/// </summary>
public async Task CreatesPackageOwnerRequestSendsEmailAndReturnsPendingState()
{
    var fakes = Get<Fakes>();
    var controller = GetController<JsonApiController>();

    // The caller is the existing package owner.
    var httpContextMock = GetMock<HttpContextBase>();
    httpContextMock
        .Setup(c => c.User)
        .Returns(Fakes.ToPrincipal(fakes.Owner))
        .Verifiable();

    var createdRequest = new PackageOwnerRequest();
    createdRequest.ConfirmationCode = "confirmation-code";

    var packages = GetMock<IPackageService>();
    packages
        .Setup(p => p.CreatePackageOwnerRequestAsync(fakes.Package, fakes.Owner, fakes.User))
        .Returns(Task.FromResult(createdRequest))
        .Verifiable();

    // The confirmation link is pinned to an https URL on the test host.
    var mailer = GetMock<IMessageService>();
    mailer
        .Setup(m => m.SendPackageOwnerRequest(
            fakes.Owner,
            fakes.User,
            fakes.Package,
            "https://nuget.local/packages/FakePackage/owners/testUser/confirm/confirmation-code"))
        .Verifiable();

    JsonResult response = await controller.AddPackageOwner(fakes.Package.Id, fakes.User.Username);
    dynamic data = response.Data;

    Assert.True(data.success);
    Assert.Equal(fakes.User.Username, data.name);
    Assert.True(data.pending);

    // All three collaborators must have been used exactly as set up.
    httpContextMock.Verify();
    packages.Verify();
    mailer.Verify();
}
/// <summary>
/// A user who has only an unconfirmed e-mail address (no confirmed address)
/// cannot be proposed as a co-owner: the confirmation call must fail with the
/// "hasn't verified their email account" message.
/// </summary>
public void ReturnsFailureIfNewOwnerIsNotConfirmed()
{
    // Arrange
    var fakes = Get<Fakes>();
    var controller = GetController<JsonApiController>();

    var callerPrincipal = Fakes.ToPrincipal(fakes.Owner);
    GetMock<HttpContextBase>()
        .Setup(c => c.User)
        .Returns(callerPrincipal);

    // Put the candidate into the unverified state: the address is present only as unconfirmed.
    var candidate = fakes.User;
    candidate.UnconfirmedEmailAddress = fakes.Owner.EmailAddress;
    candidate.EmailAddress = null;

    // Act
    var actionResult = controller.GetAddPackageOwnerConfirmation(fakes.Package.Id, fakes.User.Username);
    var json = (JsonResult)actionResult;
    dynamic data = json.Data;

    // Assert
    Assert.False(data.success);
    Assert.Equal("Sorry, 'testUser' hasn't verified their email account yet and we cannot proceed with the request.", data.message);
}
/// <summary>
/// When the current owner carries the co-owner secure-push policies but the
/// user being added is already reported as subscribed to
/// <c>SecurePushSubscription.Name</c>, the default confirmation text is expected
/// instead of a policy message.
/// </summary>
public void DoesNotReturnConfirmationIfCurrentOwnerPropagatesButNewOwnerIsSubscribed()
{
    // Arrange
    var fakes = Get<Fakes>();
    var controller = GetController<JsonApiController>();

    var callerPrincipal = Fakes.ToPrincipal(fakes.Owner);
    GetMock<HttpContextBase>()
        .Setup(c => c.User)
        .Returns(callerPrincipal);

    // The new owner already satisfies the policy, so nothing new would be imposed on them.
    GetMock<ISecurityPolicyService>()
        .Setup(s => s.IsSubscribed(fakes.User, SecurePushSubscription.Name))
        .Returns(true);

    var coOwnerPolicy = new RequireSecurePushForCoOwnersPolicy();
    fakes.Owner.SecurityPolicies = coOwnerPolicy.Policies.ToList();

    // Act
    var actionResult = controller.GetAddPackageOwnerConfirmation(fakes.Package.Id, fakes.User.Username);
    var json = (JsonResult)actionResult;
    dynamic data = json.Data;

    // Assert
    // NOTE(review): policyMessage itself is not asserted, so this test does not prove it is absent or empty.
    Assert.True(data.success);
    Assert.StartsWith("Please confirm if you would like to proceed adding 'testUser' as a co-owner of this package.", data.confirmation);
}
/// <summary>
/// When the current owner carries the
/// <c>RequireSecurePushForCoOwnersPolicy</c> policies, the confirmation must
/// include a policy message naming the owner and the user who would inherit
/// the requirements.
/// </summary>
public void ReturnsDetailedConfirmationIfCurrentOwnerPropagatesPolicy()
{
    // Arrange
    var fakes = Get<Fakes>();
    var controller = GetController<JsonApiController>();

    var callerPrincipal = Fakes.ToPrincipal(fakes.Owner);
    GetMock<HttpContextBase>()
        .Setup(c => c.User)
        .Returns(callerPrincipal);

    // The existing owner is the account that brings the co-owner policies with it.
    var coOwnerPolicy = new RequireSecurePushForCoOwnersPolicy();
    fakes.Owner.SecurityPolicies = coOwnerPolicy.Policies.ToList();

    // Act
    var actionResult = controller.GetAddPackageOwnerConfirmation(fakes.Package.Id, fakes.User.Username);
    var json = (JsonResult)actionResult;
    dynamic data = json.Data;

    // Assert: only the start of the message is pinned; the policy list that follows is not checked here.
    Assert.True(data.success);
    Assert.StartsWith(
        "Owner(s) 'testPackageOwner' has (have) the following requirements that will be enforced for user 'testUser' once the user accepts ownership of this package:",
        data.policyMessage);
}
/// <summary>
/// If the authenticated principal's user name cannot be resolved by
/// <c>IUserService.FindByUsername</c>, the confirmation call must fail with
/// "Current user not found." rather than proceed.
/// </summary>
public void ReturnsFailureIfCurrentUserNotFound()
{
    // Arrange
    var fakes = Get<Fakes>();
    var controller = GetController<JsonApiController>();

    var callerPrincipal = Fakes.ToPrincipal(fakes.Owner);
    GetMock<HttpContextBase>()
        .Setup(c => c.User)
        .Returns(callerPrincipal);

    // The principal is valid, but the lookup for that same user name returns nothing.
    var users = GetMock<IUserService>();
    users
        .Setup(s => s.FindByUsername(fakes.Owner.Username))
        .ReturnsNull();

    // Act
    var actionResult = controller.GetAddPackageOwnerConfirmation(fakes.Package.Id, fakes.User.Username);
    var json = (JsonResult)actionResult;
    dynamic data = json.Data;

    // Assert
    Assert.False(data.success);
    Assert.Equal("Current user not found.", data.message);
}
/// <summary>
/// <c>GetClaimOrDefault</c> must return null, not throw, when the principal
/// has no claim of the requested type.
/// </summary>
public void WhenClaimNotFound_ReturnsNull()
{
    var user = new User("user");
    var principal = Fakes.ToPrincipal(user);

    var claimValue = principal.GetClaimOrDefault("noSuchClaim");

    Assert.Null(claimValue);
}
/// <summary>
/// <c>GetClaimOrDefault</c> must return the claim value when the claim exists.
/// The default name claim of a principal built from user "user" is "user".
/// </summary>
public void WhenClaimFound_ReturnsClaim()
{
    var user = new User("user");
    var principal = Fakes.ToPrincipal(user);

    var nameClaim = principal.GetClaimOrDefault(ClaimsIdentity.DefaultNameClaimType);

    Assert.Equal("user", nameClaim);
}
/// <summary>
/// A principal produced by <c>Fakes.ToPrincipal</c> must report "Test" as its
/// identity's authentication type.
/// </summary>
public void ReturnsAuthenticationType()
{
    var user = new User("user");
    var principal = Fakes.ToPrincipal(user);

    var authenticationType = principal.Identity.AuthenticationType;

    Assert.Equal("Test", authenticationType);
}