/// <summary>
/// Encodes a single request into a user's request history, stores it through the
/// manipulator, and checks that the reloaded history is byte-for-byte identical and
/// decodes back to exactly one request.
/// </summary>
public void TestAddToUserRequestHistoryFromManipulator()
{
    var user = Manipulator.GetUsersWhere("Email=\"msn\"")[0];

    // Baseline: a freshly created list holds nothing.
    List<PreviousUserRequest> decoded = new List<PreviousUserRequest>();
    Assert.AreEqual(0, decoded.Count);

    List<PreviousUserRequest> pending = new List<PreviousUserRequest>()
    {
        new PreviousUserRequest() { Request = new RequestString() { Company = 1, Type = "Join" } }
    };
    pending[0].Request.CalculateMD5();

    // Capture the encoded bytes before the round trip through the database.
    user.EncodeRequests(pending);
    byte[] expectedHistory = user.RequestHistory;
    user.DecodeRequests();
    Manipulator.UpdateUserPreviousRequests(user);

    user = Manipulator.GetUsersWhere("Email=\"msn\"")[0];
    Assert.AreEqual(expectedHistory.Length, user.RequestHistory.Length);
    int index = 0;
    while (index < expectedHistory.Length)
    {
        Assert.AreEqual(expectedHistory[index], user.RequestHistory[index]);
        index++;
    }

    decoded = user.DecodeRequests();
    Assert.AreEqual(1, decoded.Count);
}
/// <summary>
/// Gives the second testing user the display name "TerribleName", has the first testing
/// user report it, and verifies the server answers 200 and the reported user's display
/// name becomes "Default User " followed by the user id. The reported user's settings are
/// reset to the defaults afterwards, whatever the outcome.
/// </summary>
public void TestValidReport()
{
    using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
    {
        manipulator.Connect(TestingConstants.ConnectionString);
        var reportedUser = manipulator.GetUsersWhere(
            string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser2.Email))[0];
        try
        {
            reportedUser.UpdateSettings(UserSettingsEntryKeys.DisplayName, "TerribleName");
            Assert.IsTrue(manipulator.UpdateUsersSettings(reportedUser));

            NetTestingUserUtils.AuthenticateTestingUser(TestingUserStorage.ValidUser1, manipulator);
            var reportingUser = manipulator.GetUsersWhere(
                string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email))[0];
            var loginTokens = UserVerificationUtil.ExtractLoginTokens(reportingUser);

            var reportMessage = TestingUserStorage.ValidUser1.ConstructReportMessage(
                reportingUser.UserId,
                loginTokens.LoginToken,
                loginTokens.AuthToken,
                "TerribleName");
            // Index 0 is the server-side context, 1 the client request, 2 the pending async result.
            object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(reportMessage, "POST");
            var ctx = contextAndRequest[0] as HttpListenerContext;
            var req = contextAndRequest[1] as HttpWebRequest;

            HttpWebResponse resp = null;
            TestApi.POST(ctx);
            try
            {
                resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
            }
            catch (WebException)
            {
                Assert.Fail("Received an error message when one was not expected");
            }
            Assert.AreEqual(HttpStatusCode.OK, resp.StatusCode);

            // Reload the reported user and look for the display-name entry.
            reportedUser = manipulator.GetUsersWhere(
                string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser2.Email))[0];
            var parsedSettings = JsonDataObjectUtil<List<UserSettingsEntry>>.ParseObject(reportedUser.Settings);
            bool foundDisplayName = false;
            foreach (UserSettingsEntry setting in parsedSettings)
            {
                if (!(setting.Key == UserSettingsEntryKeys.DisplayName))
                {
                    continue;
                }
                foundDisplayName = true;
                Assert.AreEqual("Default User " + reportedUser.UserId, setting.Value);
                break;
            }
            Assert.IsTrue(foundDisplayName);
        }
        finally
        {
            // Leave the shared testing user in its default state for other tests.
            reportedUser.Settings = OverallUser.GenerateDefaultSettings();
            Assert.IsTrue(manipulator.UpdateUsersSettings(reportedUser));
        }
    }
}
/// <summary>
/// Requests a user's previous requests with a login token that does not belong to the
/// session ("x'ababbbaacbaba'") and expects the server to answer 401 Unauthorized.
/// </summary>
public void TestUnauthorizedOnNonLoggedInUser()
{
    using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
    {
        manipulator.Connect(TestingConstants.ConnectionString);
        Assert.IsTrue(NetTestingUserUtils.LogInTestingUser(TestingUserStorage.ValidUser1));

        string emailFilter = string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email);
        var user = manipulator.GetUsersWhere(emailFilter)[0];
        List<PreviousUserRequest> currentRequests = user.DecodeRequests();

        var forgedRequest = TestingUserStorage.ValidUser1.ConstructRetrievePreviousRequestsRequest(
            user.UserId, "x'ababbbaacbaba'");
        // Index 0 is the server-side context, 1 the client request, 2 the pending async result.
        object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(forgedRequest, "PUT");
        var ctx = contextAndRequest[0] as HttpListenerContext;
        var req = contextAndRequest[1] as HttpWebRequest;
        TestApi.PUT(ctx);

        HttpWebResponse resp = null;
        try
        {
            resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
            // A response obtained without a WebException means the forged token was accepted.
            Assert.Fail("Expected an error response, but did not receive one");
        }
        catch (WebException e)
        {
            resp = e.Response as HttpWebResponse;
        }
        Assert.AreEqual(HttpStatusCode.Unauthorized, resp.StatusCode);
    }
}
/// <summary>
/// Asks for a user's security question while presenting a made-up login token
/// ("x'abaababaaababaaba'") and expects the server to answer 401 Unauthorized.
/// </summary>
public void TestNotAuthorizedOnNonLoggedUser()
{
    using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
    {
        manipulator.Connect(TestingConstants.ConnectionString);
        string emailFilter = string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email);
        var user = manipulator.GetUsersWhere(emailFilter)[0];

        var forgedRequest = TestingUserStorage.ValidUser1.ConstructSecurityQuestionRequest(
            "x'abaababaaababaaba'", user.UserId);
        // Index 0 is the server-side context, 1 the client request, 2 the pending async result.
        object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(forgedRequest, "POST");
        var ctx = contextAndRequest[0] as HttpListenerContext;
        var req = contextAndRequest[1] as HttpWebRequest;

        HttpWebResponse resp;
        TestApi.POST(ctx);
        try
        {
            resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
            // Reaching this line means the made-up token was not rejected.
            Assert.Fail("Expected an error message, but didn't receive one.");
        }
        catch (WebException e)
        {
            resp = e.Response as HttpWebResponse;
        }
        Assert.AreEqual(HttpStatusCode.Unauthorized, resp.StatusCode);
    }
}
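/// <summary>
/// Builds a valid part-deletion request for an authenticated user, replaces its login token
/// with a made-up value, and expects the server to answer 401 Unauthorized.
/// </summary>
public void TestUnauthorizedOnNonLoggedInUser()
{
    // The connection check runs inside the using block so the manipulator is disposed
    // even when the assertion fails.
    using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
    {
        Assert.IsTrue(manipulator.Connect(TestingConstants.ConnectionString));
        PartCatalogueEntry entry = manipulator.GetPartCatalogueEntriesWhere(
            1,
            string.Format("PartId=\"{0}\"", TestingPartEntry.ValidPartEntry1.PartId)
        )[0];
        Assert.IsTrue(NetTestingUserUtils.AuthenticateTestingUser(TestingUserStorage.ValidUser3, manipulator));
        OverallUser validUser1 = manipulator.GetUsersWhere(
            string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser3.Email)
        )[0];
        var loginTokens = UserVerificationUtil.ExtractLoginTokens(validUser1);
        var message = TestingPartEntry.ValidPartEntry1.ConstructDeletionRequest(
            validUser1.UserId,
            loginTokens.LoginToken,
            loginTokens.AuthToken,
            entry.Id
        );
        // Only the login token is tampered with; user id and auth token stay valid, so a
        // 401 here is attributable to the login-token check.
        message["LoginToken"] = "x'abacbadabac'";
        // Index 0 is the server-side context, 1 the client request, 2 the pending async result.
        object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(message, "PATCH");
        var context = contextAndRequest[0] as HttpListenerContext;
        var req = contextAndRequest[1] as HttpWebRequest;
        TestApi.PATCH(context);
        HttpWebResponse response;
        try
        {
            response = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
            Assert.Fail("Expected an error response, but did not receive one");
        }
        catch (WebException e)
        {
            response = e.Response as HttpWebResponse;
        }
        Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode);
    }
}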
/// <summary>
/// Logs the first testing user in, requests that user's settings with the stored login
/// token, and checks that the server answers 200 with a body equal to the settings string
/// held in the database.
/// </summary>
public void TestRetrieveUserSettingsDefaultValues()
{
    using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
    {
        manipulator.Connect(TestingConstants.ConnectionString);
        Assert.IsTrue(NetTestingUserUtils.LogInTestingUser(TestingUserStorage.ValidUser1));

        string emailFilter = string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email);
        var user = manipulator.GetUsersWhere(emailFilter)[0];
        var currentSettings = user.Settings;

        var settingsRequest = TestingUserStorage.ValidUser1.ConstructRetrieveSettingsRequest(
            user.UserId,
            UserVerificationUtil.ExtractLoginTokens(user).LoginToken);
        // Index 0 is the server-side context, 1 the client request, 2 the pending async result.
        object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(settingsRequest, "PUT");
        var ctx = contextAndRequest[0] as HttpListenerContext;
        var req = contextAndRequest[1] as HttpWebRequest;
        TestApi.PUT(ctx);

        HttpWebResponse resp = null;
        try
        {
            resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
        }
        catch (Exception e)
        {
            Assert.Fail(e.Message);
        }

        using (resp)
        {
            Assert.AreEqual(HttpStatusCode.OK, resp.StatusCode);
            // The body is read with a single Read call sized from ContentLength.
            byte[] body = new byte[resp.ContentLength];
            resp.GetResponseStream().Read(body, 0, body.Length);
            string received = Encoding.UTF8.GetString(body);
            Assert.AreEqual(currentSettings, received);
        }
    }
}
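/// <summary>
/// Builds a valid part-addition request for an authenticated user, overwrites its user id
/// with 0, and expects the server to answer 400 Bad Request.
/// </summary>
public void TestBadRequestOnInvalidUserId()
{
    // The connection check runs inside the using block so the manipulator is disposed
    // even when the assertion fails.
    using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
    {
        Assert.IsTrue(manipulator.Connect(TestingConstants.ConnectionString));
        Assert.IsTrue(NetTestingUserUtils.AuthenticateTestingUser(TestingUserStorage.ValidUser3, manipulator));
        OverallUser validUser1 = manipulator.GetUsersWhere(
            string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser3.Email)
        )[0];
        var loginTokens = UserVerificationUtil.ExtractLoginTokens(validUser1);
        var message = TestingPartEntry.ValidPartEntry1.ConstructAdditionRequest(
            validUser1.UserId,
            loginTokens.LoginToken,
            loginTokens.AuthToken
        );
        // Tokens stay valid; only the user id is made invalid.
        message["UserId"] = 0;
        // Index 0 is the server-side context, 1 the client request, 2 the pending async result.
        object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(message, "POST");
        var context = contextAndRequest[0] as HttpListenerContext;
        var req = contextAndRequest[1] as HttpWebRequest;
        TestApi.POST(context);
        HttpWebResponse response;
        try
        {
            response = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
            Assert.Fail("Expected an error response, but did not receive one");
        }
        catch (WebException e)
        {
            response = e.Response as HttpWebResponse;
        }
        Assert.AreEqual(HttpStatusCode.BadRequest, response.StatusCode);
    }
}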
/// <summary>
/// Requests settings for user id 100000 while presenting the first testing user's login
/// token and expects the server to answer 404 Not Found.
/// </summary>
public void TestNotFoundOnNonExistentUser()
{
    using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
    {
        manipulator.Connect(TestingConstants.ConnectionString);
        Assert.IsTrue(NetTestingUserUtils.LogInTestingUser(TestingUserStorage.ValidUser1));

        string emailFilter = string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email);
        var user = manipulator.GetUsersWhere(emailFilter)[0];
        var currentSettings = user.Settings;

        var settingsRequest = TestingUserStorage.ValidUser1.ConstructRetrieveSettingsRequest(
            100000,
            UserVerificationUtil.ExtractLoginTokens(user).LoginToken);
        // Index 0 is the server-side context, 1 the client request, 2 the pending async result.
        object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(settingsRequest, "PUT");
        var ctx = contextAndRequest[0] as HttpListenerContext;
        var req = contextAndRequest[1] as HttpWebRequest;
        TestApi.PUT(ctx);

        HttpWebResponse resp = null;
        try
        {
            resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
            Assert.Fail("Expected error response, but did not receive one");
        }
        catch (WebException e)
        {
            resp = e.Response as HttpWebResponse;
        }
        Assert.AreEqual(HttpStatusCode.NotFound, resp.StatusCode);
    }
}
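/// <summary>
/// <para>Uses the supplied <see cref="MySqlDataManipulator"/> to add the setting to all of the specified targets</para>
/// <para>When Target is "user" the setting is appended to every user's settings list that does not
/// already contain the key; when Target is "company" it is added to every company that has no setting
/// with that key. Any other Target value does nothing. Progress is written to the console.</para>
/// </summary>
/// <param name="manipulator">Manipulator used for every read and write performed here</param>
public override void PerformFunction(MySqlDataManipulator manipulator)
{
    if (Target.Equals("user"))
    {
        var users = manipulator.GetUsersWhere("id > 0");
        foreach (OverallUser user in users)
        {
            //Add the setting to the user if they do not already have a setting with the same key
            List<UserSettingsEntry> settings = JsonDataObjectUtil<List<UserSettingsEntry>>.ParseObject(user.Settings);
            bool found = false;
            foreach (UserSettingsEntry entry in settings)
            {
                if (entry.Key.Equals(Key))
                {
                    found = true;
                    break;
                }
            }
            if (found)
            {
                Console.WriteLine("User " + user.UserId + " already had a setting with key " + Key);
                continue;
            }
            settings.Add(new UserSettingsEntry() { Key = Key, Value = Value });
            user.Settings = JsonDataObjectUtil<List<UserSettingsEntry>>.ConvertObject(settings);
            if (!manipulator.UpdateUsersSettings(user))
            {
                Console.WriteLine("Failed to update settings for user " + user.UserId);
                continue;
            }
            Console.WriteLine("Updated settings for user " + user.UserId);
        }
    }
    else if (Target.Equals("company"))
    {
        var companies = manipulator.GetCompaniesWithNamePortion("");
        foreach (CompanyId company in companies)
        {
            //Add the setting to the company if it does not already have one with the same key
            int companyId = company.Id;
            // NOTE(review): Key is concatenated into the where clause unescaped, so a key that
            // contains a double quote changes the filter. Confirm Key only ever comes from a
            // trusted operator, or escape it / use a parameterized lookup if the manipulator has one.
            // Any existing row counts as "already present"; requiring exactly one row would add
            // yet another copy to a company that already holds duplicates of the key.
            bool found = manipulator.GetCompanySettingsWhere(companyId, "SettingKey = \"" + Key + "\"").Count > 0;
            if (found)
            {
                Console.WriteLine("Company " + company.LegalName + " already had a setting with key " + Key);
                continue;
            }
            if (!manipulator.AddCompanySetting(companyId, new CompanySettingsEntry(Key, Value)))
            {
                Console.WriteLine("Company " + company.LegalName + " failed to have the setting added");
                continue;
            }
            Console.WriteLine("Successfully added setting for company " + company.LegalName);
        }
    }
}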
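/// <summary>
/// Logs the first testing user in, requests that user's security question with the stored
/// login token, and checks for a 200 response whose body equals the expected question.
/// </summary>
public void TestValidRequest()
{
    using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
    {
        manipulator.Connect(TestingConstants.ConnectionString);
        Assert.IsTrue(NetTestingUserUtils.LogInTestingUser(TestingUserStorage.ValidUser1));
        var user = manipulator.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email))[0];
        var loginTokens = UserVerificationUtil.ExtractLoginTokens(user);
        // Index 0 is the server-side context, 1 the client request, 2 the pending async result.
        object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
            TestingUserStorage.ValidUser1.ConstructSecurityQuestionRequest(loginTokens.LoginToken, user.UserId),
            "POST");
        var ctx = contextAndRequest[0] as HttpListenerContext;
        var req = contextAndRequest[1] as HttpWebRequest;
        HttpWebResponse resp;
        TestApi.POST(ctx);
        try
        {
            resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
        }
        catch (WebException e)
        {
            // Print the server's error body for diagnosis. A WebException without an HTTP
            // response carries no body, so skip the dump instead of hiding the original
            // failure behind a null dereference.
            resp = e.Response as HttpWebResponse;
            if (resp != null)
            {
                byte[] respData = new byte[resp.ContentLength];
                resp.GetResponseStream().Read(respData, 0, respData.Length);
                Console.WriteLine(Encoding.UTF8.GetString(respData));
            }
            // Rethrow without resetting the stack trace.
            throw;
        }
        byte[] data = new byte[resp.ContentLength];
        resp.GetResponseStream().Read(data, 0, data.Length);
        string receivedData = Encoding.UTF8.GetString(data);
        Assert.AreEqual(HttpStatusCode.OK, resp.StatusCode);
        Assert.AreEqual(TestingUserStorage.ValidUser1.SecurityQuestion, receivedData);
    }
}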
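/// <summary>
/// Sends a report message that names user id 10000000 as the sender while carrying the
/// first testing user's tokens, and expects the server to answer 404 Not Found.
/// </summary>
public void TestNotFoundOnNonExistentUser()
{
    using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
    {
        manipulator.Connect(TestingConstants.ConnectionString);
        // Assert the precondition: without a successful authentication the tokens sent below
        // are not known to be valid, and the test could pass for the wrong reason.
        Assert.IsTrue(NetTestingUserUtils.AuthenticateTestingUser(TestingUserStorage.ValidUser1, manipulator));
        var reportingUser = manipulator.GetUsersWhere(
            string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email)
        )[0];
        var loginTokens = UserVerificationUtil.ExtractLoginTokens(reportingUser);
        // Index 0 is the server-side context, 1 the client request, 2 the pending async result.
        object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
            TestingUserStorage.ValidUser1.ConstructReportMessage(
                10000000,
                loginTokens.LoginToken,
                loginTokens.AuthToken,
                "TerribleName"
            ),
            "POST"
        );
        var ctx = contextAndRequest[0] as HttpListenerContext;
        var req = contextAndRequest[1] as HttpWebRequest;
        HttpWebResponse resp = null;
        TestApi.POST(ctx);
        try
        {
            resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
            Assert.Fail("Expected an error message but never received one");
        }
        catch (WebException e)
        {
            resp = e.Response as HttpWebResponse;
        }
        Assert.AreEqual(HttpStatusCode.NotFound, resp.StatusCode);
    }
}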
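/// <summary>
/// Logs the testing user in and then sends an authentication request through a fresh
/// <see cref="UserAuthApi"/>, reporting whether a response was obtained without an exception.
/// </summary>
/// <param name="userIn">Testing user whose login and authentication requests are sent</param>
/// <param name="manipulatorIn">Connected manipulator used to look the user up by e-mail</param>
/// <returns>
/// <c>true</c> if the login succeeded and the authentication response was obtained without an
/// exception; <c>false</c> otherwise.
/// </returns>
public static bool AuthenticateTestingUser(TestingUserStorage.TestingUser userIn, MySqlDataManipulator manipulatorIn)
{
    UserAuthApi api = new UserAuthApi(10000);
    if (!LogInTestingUser(userIn))
    {
        return false;
    }
    // NOTE(review): the filter is assembled by string formatting; that is only safe while the
    // testing users' e-mail addresses are fixed constants without quote characters.
    var databaseUser = manipulatorIn.GetUsersWhere(string.Format("Email=\"{0}\"", userIn.Email))[0];
    var loginTokens = UserVerificationUtil.ExtractLoginTokens(databaseUser);
    // Index 0 is the server-side context, 1 the client request, 2 the pending async result.
    object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
        userIn.ConstructAuthenticationRequest(loginTokens.LoginToken, databaseUser.UserId),
        "PUT");
    var ctx = contextAndRequest[0] as HttpListenerContext;
    var req = contextAndRequest[1] as HttpWebRequest;
    api.PUT(ctx);
    try
    {
        // Dispose the response so every call does not leave a connection open.
        using (req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse)
        {
            return true;
        }
    }
    catch (Exception e)
    {
        // Still a best-effort false, but say why so a failing precondition in a test can be traced.
        Console.WriteLine("Authentication of testing user failed: " + e.Message);
        return false;
    }
}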
/// <summary>
/// Builds a valid authentication-status check for the second testing user, overwrites its
/// user id with 0, and expects the server to answer 400 Bad Request.
/// </summary>
public void BadRequestOnInvalidUserId()
{
    using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
    {
        manipulator.Connect(TestingConstants.ConnectionString);
        Assert.IsTrue(NetTestingUserUtils.AuthenticateTestingUser(TestingUserStorage.ValidUser2, manipulator));

        string emailFilter = string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser2.Email);
        OverallUser user = manipulator.GetUsersWhere(emailFilter)[0];
        var loginTokens = UserVerificationUtil.ExtractLoginTokens(user);

        var authReq = TestingUserStorage.ValidUser2.ConstructCheckAuthenticationStatusRequest(
            loginTokens.LoginToken,
            loginTokens.AuthToken,
            user.UserId);
        // Tokens stay valid; only the user id is made invalid.
        authReq.SetMapping("UserId", 0);

        // Index 0 is the server-side context, 1 the client request, 2 the pending async result.
        object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(authReq, "PUT");
        var ctx = contextAndRequest[0] as HttpListenerContext;
        var req = contextAndRequest[1] as HttpWebRequest;
        TestApi.PUT(ctx);

        HttpWebResponse resp;
        try
        {
            resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
            // A response without a WebException means the invalid id was accepted.
            Assert.Fail();
        }
        catch (WebException e)
        {
            resp = e.Response as HttpWebResponse;
        }
        Assert.AreEqual(HttpStatusCode.BadRequest, resp.StatusCode);
    }
}
/// <summary>
/// Uploads the first testing repair job as the first testing user, passing 1 as the last
/// argument of the creation message, and expects the server to answer 200 OK.
/// </summary>
public void TestUploadRepairJobSimilarJobsForced()
{
    using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
    {
        manipulator.Connect(TestingConstants.ConnectionString);
        NetTestingUserUtils.AuthenticateTestingUser(TestingUserStorage.ValidUser1, manipulator);

        string emailFilter = string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email);
        var uploadingUser = manipulator.GetUsersWhere(emailFilter)[0];
        var loginTokens = UserVerificationUtil.ExtractLoginTokens(uploadingUser);

        var creationMessage = TestingRepairJobStorage.RepairJob1.ConstructCreationMessage(
            uploadingUser.UserId,
            loginTokens.LoginToken,
            loginTokens.AuthToken,
            1);
        // Index 0 is the server-side context, 1 the client request, 2 the pending async result.
        object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(creationMessage, "POST");
        var ctx = contextAndRequest[0] as HttpListenerContext;
        var req = contextAndRequest[1] as HttpWebRequest;

        HttpWebResponse resp = null;
        TestApi.POST(ctx);
        try
        {
            resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
        }
        catch (WebException)
        {
            Assert.Fail("Received an error message when one was not expected");
        }
        Assert.AreEqual(HttpStatusCode.OK, resp.StatusCode);
    }
}
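/// <summary>
/// Uploads the first testing repair job with a valid user id and auth token but a bogus
/// login token, and expects the server to answer 401 Unauthorized.
/// </summary>
public void TestUnauthorizedOnNotLoggedInUser()
{
    using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
    {
        manipulator.Connect(TestingConstants.ConnectionString);
        // Assert the precondition: if authentication silently failed, the auth token sent below
        // would not be known to be valid and a 401 could come from it rather than from the
        // bogus login token this test is meant to exercise.
        Assert.IsTrue(NetTestingUserUtils.AuthenticateTestingUser(TestingUserStorage.ValidUser1, manipulator));
        var uploadingUser = manipulator.GetUsersWhere(
            string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email)
        )[0];
        var loginTokens = UserVerificationUtil.ExtractLoginTokens(uploadingUser);
        // Index 0 is the server-side context, 1 the client request, 2 the pending async result.
        object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
            TestingRepairJobStorage.RepairJob1.ConstructCreationMessage(
                uploadingUser.UserId,
                "I'm Logged-In I Swear!",
                loginTokens.AuthToken,
                0
            ),
            "POST"
        );
        var ctx = contextAndRequest[0] as HttpListenerContext;
        var req = contextAndRequest[1] as HttpWebRequest;
        HttpWebResponse resp = null;
        TestApi.POST(ctx);
        try
        {
            resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
        }
        catch (WebException e)
        {
            resp = e.Response as HttpWebResponse;
        }
        // A response obtained without a WebException falls through to this check and fails it
        // because its status is not Unauthorized.
        Assert.AreEqual(HttpStatusCode.Unauthorized, resp.StatusCode);
    }
}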
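/// <summary>
/// Authenticates the second testing user, sends an authentication-status check carrying that
/// user's stored tokens, and expects the server to answer 200 OK.
/// </summary>
public void TestValidAuthenticationRequest()
{
    MySqlDataManipulator manipulator = new MySqlDataManipulator();
    using (manipulator)
    {
        manipulator.Connect(TestingConstants.ConnectionString);
        Assert.IsTrue(NetTestingUserUtils.AuthenticateTestingUser(TestingUserStorage.ValidUser2, manipulator));
        OverallUser user = manipulator.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser2.Email))[0];
        var loginTokens = UserVerificationUtil.ExtractLoginTokens(user);
        var authReq = TestingUserStorage.ValidUser2.ConstructCheckAuthenticationStatusRequest(loginTokens.LoginToken, loginTokens.AuthToken, user.UserId);
        // Index 0 is the server-side context, 1 the client request, 2 the pending async result.
        object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(authReq, "PUT");
        var ctx = contextAndRequest[0] as HttpListenerContext;
        var req = contextAndRequest[1] as HttpWebRequest;
        TestApi.PUT(ctx);
        HttpWebResponse resp;
        try
        {
            resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
        }
        catch (WebException e)
        {
            // Print the server's error body for diagnosis. A WebException without an HTTP
            // response carries no body, so skip the dump instead of hiding the original
            // failure behind a null dereference.
            resp = e.Response as HttpWebResponse;
            if (resp != null)
            {
                byte[] respData = new byte[resp.ContentLength];
                resp.GetResponseStream().Read(respData, 0, respData.Length);
                Console.WriteLine(Encoding.UTF8.GetString(respData));
            }
            // Rethrow without resetting the stack trace.
            throw;
        }
        Assert.AreEqual(HttpStatusCode.OK, resp.StatusCode);
    }
}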
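/// <summary>
/// Resets the first testing user's settings to the defaults, changes the display name to
/// "New Name #2!" through the API, and verifies both the 200 response and that the stored
/// settings now carry the new display name.
/// </summary>
public void TestUpdateUserSetting()
{
    using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
    {
        manipulator.Connect(TestingConstants.ConnectionString);
        Assert.IsTrue(NetTestingUserUtils.AuthenticateTestingUser(TestingUserStorage.ValidUser1, manipulator));
        var user = manipulator.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email))[0];
        user.Settings = OverallUser.GenerateDefaultSettings();
        Assert.IsTrue(manipulator.UpdateUsersSettings(user));
        var loginTokens = UserVerificationUtil.ExtractLoginTokens(user);
        // Index 0 is the server-side context, 1 the client request, 2 the pending async result.
        object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
            TestingUserStorage.ValidUser1.ConstructChangeSettingRequest(
                user.UserId,
                loginTokens.LoginToken,
                loginTokens.AuthToken,
                UserSettingsEntryKeys.DisplayName,
                "New Name #2!"),
            "PATCH");
        var ctx = contextAndRequest[0] as HttpListenerContext;
        var req = contextAndRequest[1] as HttpWebRequest;
        TestApi.PATCH(ctx);
        HttpWebResponse resp = null;
        try
        {
            resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
        }
        catch (Exception e)
        {
            Assert.Fail(e.Message);
        }
        using (resp)
        {
            Assert.AreEqual(HttpStatusCode.OK, resp.StatusCode);
        }
        user = manipulator.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email))[0];
        var newSettings = JsonDataObjectUtil<List<UserSettingsEntry>>.ParseObject(user.Settings);
        // Track whether the entry was seen at all: without this the loop passes vacuously
        // when the display-name key is missing from the stored settings.
        bool foundDisplayName = false;
        foreach (UserSettingsEntry entry in newSettings)
        {
            if (entry.Key == UserSettingsEntryKeys.DisplayName)
            {
                foundDisplayName = true;
                Assert.AreEqual("New Name #2!", entry.Value);
                break;
            }
        }
        Assert.IsTrue(foundDisplayName);
    }
}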
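/// <summary>
/// Removes the first testing part entry from company 1's catalogue, re-adds it through the
/// API as the third testing user, and verifies a 200 response and exactly one matching entry.
/// If no matching entry exists when the test ends, the part catalogue is re-initialized.
/// </summary>
public void TestValidRequest()
{
    // The connection check runs inside the using block so the manipulator is disposed
    // even when the assertion fails.
    using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
    {
        Assert.IsTrue(manipulator.Connect(TestingConstants.ConnectionString));
        PartCatalogueEntry entry = manipulator.GetPartCatalogueEntriesWhere(
            1,
            string.Format("PartId=\"{0}\"", TestingPartEntry.ValidPartEntry1.PartId)
        )[0];
        Assert.IsTrue(manipulator.RemovePartCatalogueEntry(1, entry.Id));
        var entryList = manipulator.GetPartCatalogueEntriesWhere(
            1,
            string.Format("PartId=\"{0}\"", TestingPartEntry.ValidPartEntry1.PartId)
        );
        Assert.AreEqual(0, entryList.Count);
        try
        {
            Assert.IsTrue(NetTestingUserUtils.AuthenticateTestingUser(TestingUserStorage.ValidUser3, manipulator));
            OverallUser validUser1 = manipulator.GetUsersWhere(
                string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser3.Email)
            )[0];
            var loginTokens = UserVerificationUtil.ExtractLoginTokens(validUser1);
            var message = TestingPartEntry.ValidPartEntry1.ConstructAdditionRequest(
                validUser1.UserId,
                loginTokens.LoginToken,
                loginTokens.AuthToken
            );
            // Index 0 is the server-side context, 1 the client request, 2 the pending async result.
            object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(message, "POST");
            var context = contextAndRequest[0] as HttpListenerContext;
            var req = contextAndRequest[1] as HttpWebRequest;
            TestApi.POST(context);
            HttpWebResponse response;
            try
            {
                response = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
            }
            catch (WebException e)
            {
                response = e.Response as HttpWebResponse;
                // A WebException without an HTTP response has no status code; report the
                // transport status instead of failing on a null dereference.
                Assert.Fail(
                    "Server sent back an error response: {0}",
                    response == null ? e.Status.ToString() : response.StatusCode.ToString());
            }
            Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);
            var addedEntryList = manipulator.GetPartCatalogueEntriesWhere(
                1,
                string.Format("PartId=\"{0}\"", TestingPartEntry.ValidPartEntry1.PartId)
            );
            Assert.AreEqual(1, addedEntryList.Count);
        }
        finally
        {
            // Restore the shared fixture if the entry removed above was never added back.
            if (manipulator.GetPartCatalogueEntriesWhere(
                    1,
                    string.Format("PartId=\"{0}\"", TestingPartEntry.ValidPartEntry1.PartId)
                ).Count == 0)
            {
                Assert.IsTrue(TestingDatabaseCreationUtils.InitializePartCatelogueEntries());
            }
        }
    }
}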
/// <summary>
/// Appends a completed "TestingRequest" to the first testing user's request history, stores
/// it, retrieves the history through the API, and checks that the returned list matches the
/// stored one entry by entry.
/// </summary>
public void TestRetrievePastRequests()
{
    using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
    {
        manipulator.Connect(TestingConstants.ConnectionString);
        Assert.IsTrue(NetTestingUserUtils.LogInTestingUser(TestingUserStorage.ValidUser1));

        string emailFilter = string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email);
        var user = manipulator.GetUsersWhere(emailFilter)[0];

        List<PreviousUserRequest> currentRequests = user.DecodeRequests();
        var extraRequest = new PreviousUserRequest()
        {
            Request = new RequestString() { Company = 1, Type = "TestingRequest" },
            RequestStatus = "Completed"
        };
        currentRequests.Add(extraRequest);
        user.EncodeRequests(currentRequests);
        Assert.IsTrue(manipulator.UpdateUserPreviousRequests(user));

        var retrieveRequest = TestingUserStorage.ValidUser1.ConstructRetrievePreviousRequestsRequest(
            user.UserId,
            UserVerificationUtil.ExtractLoginTokens(user).LoginToken);
        // Index 0 is the server-side context, 1 the client request, 2 the pending async result.
        object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(retrieveRequest, "PUT");
        var ctx = contextAndRequest[0] as HttpListenerContext;
        var req = contextAndRequest[1] as HttpWebRequest;
        TestApi.PUT(ctx);

        HttpWebResponse resp = null;
        try
        {
            resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
        }
        catch (Exception e)
        {
            Assert.Fail(e.Message);
        }

        using (resp)
        {
            Assert.AreEqual(HttpStatusCode.OK, resp.StatusCode);
            // The body is read with a single Read call sized from ContentLength.
            byte[] body = new byte[resp.ContentLength];
            resp.GetResponseStream().Read(body, 0, body.Length);
            string received = Encoding.UTF8.GetString(body);
            var receivedRequests = JsonDataObjectUtil<List<PreviousUserRequest>>.ParseObject(received);

            Assert.AreEqual(currentRequests.Count, receivedRequests.Count);
            int index = 0;
            while (index < currentRequests.Count)
            {
                Assert.AreEqual(currentRequests[index], receivedRequests[index]);
                index++;
            }
        }
    }
}
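/// <summary>
/// Removes the first testing user, recreates it through the API, and verifies a 200 response
/// and that exactly one user with that e-mail exists afterwards. If the status assertion
/// fails, the response body is printed and the testing users are re-initialized before the
/// failure is rethrown.
/// </summary>
public void TestCreateValidUser1()
{
    MySqlDataManipulator manipulator = new MySqlDataManipulator();
    using (manipulator)
    {
        manipulator.Connect(TestingConstants.ConnectionString);
        Assert.IsTrue(manipulator.RemoveUserByEmail(TestingUserStorage.ValidUser1.Email));
        // Index 0 is the server-side context, 1 the client request, 2 the pending async result.
        object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
            TestingUserStorage.ValidUser1.ConstructCreationMessage(),
            "POST");
        var ctx = contextAndRequest[0] as HttpListenerContext;
        var req = contextAndRequest[1] as HttpWebRequest;
        TestApi.POST(ctx);
        HttpWebResponse resp;
        try
        {
            resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
        }
        catch (WebException e)
        {
            resp = e.Response as HttpWebResponse;
        }
        try
        {
            Assert.AreEqual(HttpStatusCode.OK, resp.StatusCode);
        }
        catch (AssertFailedException)
        {
            byte[] respData = new byte[resp.ContentLength];
            resp.GetResponseStream().Read(respData, 0, respData.Length);
            Console.WriteLine(Encoding.UTF8.GetString(respData));
            // The user was removed above; put the shared fixture back before failing.
            TestingDatabaseCreationUtils.InitializeUsers();
            // Rethrow without resetting the stack trace.
            throw;
        }
        var createdUser = manipulator.GetUsersWhere(string.Format("Email = \"{0}\"", TestingUserStorage.ValidUser1.Email));
        Assert.IsNotNull(createdUser);
        Assert.AreEqual(1, createdUser.Count);
        Assert.AreEqual(TestingUserStorage.ValidUser1.Email, createdUser[0].Email);
    }
}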
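/// <summary>
/// Sends a login request for the first testing user, expects 200 OK, and then overwrites the
/// user's stored login tokens with a fresh <see cref="LoginStatusTokens"/> instance.
/// </summary>
public void TestLoginUser()
{
    // Index 0 is the server-side context, 1 the client request, 2 the pending async result.
    object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
        TestingUserStorage.ValidUser1.ConstructLoginRequest(),
        "PUT");
    var ctx = contextAndRequest[0] as HttpListenerContext;
    var req = contextAndRequest[1] as HttpWebRequest;
    TestApi.PUT(ctx);
    HttpWebResponse resp;
    try
    {
        resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
    }
    catch (WebException e)
    {
        resp = e.Response as HttpWebResponse;
    }
    try
    {
        Assert.AreEqual(HttpStatusCode.OK, resp.StatusCode);
    }
    catch (AssertFailedException)
    {
        // Print the server's error body for diagnosis before failing.
        byte[] respData = new byte[resp.ContentLength];
        resp.GetResponseStream().Read(respData, 0, respData.Length);
        Console.WriteLine(Encoding.UTF8.GetString(respData));
        // Rethrow without resetting the stack trace.
        throw;
    }
    using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
    {
        manipulator.Connect(TestingConstants.ConnectionString);
        // Replace the tokens this login stored with a new LoginStatusTokens instance.
        manipulator.UpdateUsersLoginToken(
            manipulator.GetUsersWhere(
                string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email)
            )[0],
            new LoginStatusTokens());
    }
}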
/// <summary>
/// Sends a change-setting request that carries the first testing user's valid tokens but
/// user id 0, and expects the server to answer 400 Bad Request.
/// </summary>
public void TestBadRequestOnInvalidUserId()
{
    using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
    {
        manipulator.Connect(TestingConstants.ConnectionString);
        Assert.IsTrue(NetTestingUserUtils.AuthenticateTestingUser(TestingUserStorage.ValidUser1, manipulator));

        string emailFilter = string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email);
        var user = manipulator.GetUsersWhere(emailFilter)[0];

        // Start from the default settings so the outcome does not depend on earlier tests.
        user.Settings = OverallUser.GenerateDefaultSettings();
        Assert.IsTrue(manipulator.UpdateUsersSettings(user));
        var currentSettings = user.Settings;

        var loginTokens = UserVerificationUtil.ExtractLoginTokens(user);
        var changeRequest = TestingUserStorage.ValidUser1.ConstructChangeSettingRequest(
            0,
            loginTokens.LoginToken,
            loginTokens.AuthToken,
            UserSettingsEntryKeys.DisplayName,
            "New Name #2!");
        // Index 0 is the server-side context, 1 the client request, 2 the pending async result.
        object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(changeRequest, "PATCH");
        var ctx = contextAndRequest[0] as HttpListenerContext;
        var req = contextAndRequest[1] as HttpWebRequest;
        TestApi.PATCH(ctx);

        HttpWebResponse resp = null;
        try
        {
            resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
            Assert.Fail("Expected an error response, but did not receive one");
        }
        catch (WebException e)
        {
            resp = e.Response as HttpWebResponse;
        }

        using (resp)
        {
            Assert.AreEqual(HttpStatusCode.BadRequest, resp.StatusCode);
        }
    }
}
/// <summary>
/// Handles a PUT request that lists the users of the caller's company. The request body is
/// parsed and validated, the caller is looked up by id, the login token, auth token and admin
/// access bit are checked in that order, and on success the company's users are returned as
/// a JSON list.
/// </summary>
/// <param name="ctx">Listener context carrying the request and used to write the response</param>
private void HandlePutRequest(HttpListenerContext ctx)
{
    try
    {
        #region Input Validation
        if (!ctx.Request.HasEntityBody)
        {
            WriteBodyResponse(ctx, 400, "Bad Request", "No Body");
            return;
        }
        CompanyUsersApiGetRequest request = JsonDataObjectUtil<CompanyUsersApiGetRequest>.ParseObject(ctx);
        if (!ValidateGetRequest(request))
        {
            WriteBodyResponse(ctx, 400, "Bad Request", "Incorrect Format");
            return;
        }
        #endregion

        using (MySqlDataManipulator connection = new MySqlDataManipulator())
        {
            if (!connection.Connect(MySqlDataManipulator.GlobalConfiguration.GetConnectionString()))
            {
                WriteBodyResponse(ctx, 500, "Unexpected Server Error", "Connection to database failed");
                return;
            }

            #region User Validation
            // Checks run in a fixed order: existence, login token, auth token, admin bit.
            // Each failure has its own response text, so a caller can tell which check rejected it.
            OverallUser caller = connection.GetUserById(request.UserId);
            if (caller == null)
            {
                WriteBodyResponse(ctx, 404, "Not Found", "User was not found on on the server");
                return;
            }
            if (!UserVerificationUtil.LoginTokenValid(caller, request.LoginToken))
            {
                WriteBodyResponse(ctx, 401, "Not Authorized", "Login token was incorrect.");
                return;
            }
            if (!UserVerificationUtil.AuthTokenValid(caller, request.AuthToken))
            {
                WriteBodyResponse(ctx, 401, "Not Authorized", "Auth token was incorrect.");
                return;
            }
            bool isAdmin = (caller.AccessLevel & AccessLevelMasks.AdminMask) != 0;
            if (!isAdmin)
            {
                WriteBodyResponse(ctx, 401, "Not Authorized", "User was not an admin");
                return;
            }
            #endregion

            #region Action Handling
            // The company filter comes from the stored user record, not from the request body.
            // NOTE(review): it is still concatenated into the where clause; confirm Company is numeric.
            List<OverallUser> companyUsers = connection.GetUsersWhere("Company=" + caller.Company);
            JsonListStringConstructor output = new JsonListStringConstructor();
            foreach (OverallUser member in companyUsers)
            {
                output.AddElement(ConvertUserToOutput(member));
            }
            WriteBodyResponse(ctx, 200, "OK", output.ToString());
            #endregion
        }
    }
    catch (HttpListenerException)
    {
        //HttpListeners dispose themselves when an exception occurs, so we can do no more.
    }
    catch (Exception e)
    {
        // NOTE(review): the raw exception message is sent to the client; consider logging it
        // server-side and returning a generic body so internal details are not disclosed.
        WriteBodyResponse(ctx, 500, "Internal Server Error", e.Message);
    }
}
/// <summary>
/// Makes sure the five testing users held in TestingUserStorage exist in the testing
/// database, adding each one whose e-mail lookup returns no rows.
/// </summary>
/// <returns>
/// true when every user is present or was added; false when DatabaseInitialized is false,
/// the connection cannot be opened, or an AddUser call fails.
/// </returns>
public static bool InitializeUsers()
{
    if (!DatabaseInitialized)
    {
        return false;
    }

    using (MySqlDataManipulator initializer = new MySqlDataManipulator())
    {
        if (!initializer.Connect(TestingConstants.ConnectionString))
        {
            Console.WriteLine("Encountered an error opening the global configuration connection");
            Console.WriteLine(initializer.LastException.Message);
            return false;
        }

        // The lookup clauses are formatted from fixed testing constants, not from request data.
        // Each user is added only when the lookup comes back empty.
        bool firstMissing = initializer.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email)).Count == 0;
        if (firstMissing && !initializer.AddUser(
                TestingUserStorage.ValidUser1.Email,
                TestingUserStorage.ValidUser1.Password,
                TestingUserStorage.ValidUser1.SecurityQuestion,
                TestingUserStorage.ValidUser1.SecurityAnswer,
                TestingUserStorage.ValidUser1.AccessLevel))
        {
            Console.WriteLine("Encountered an error adding the first valid user.");
            Console.WriteLine(initializer.LastException.Message);
            return false;
        }

        bool secondMissing = initializer.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser2.Email)).Count == 0;
        if (secondMissing && !initializer.AddUser(
                TestingUserStorage.ValidUser2.Email,
                TestingUserStorage.ValidUser2.Password,
                TestingUserStorage.ValidUser2.SecurityQuestion,
                TestingUserStorage.ValidUser2.SecurityAnswer,
                TestingUserStorage.ValidUser2.AccessLevel))
        {
            Console.WriteLine("Encountered an error adding the second valid user.");
            Console.WriteLine(initializer.LastException.Message);
            return false;
        }

        bool thirdMissing = initializer.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser3.Email)).Count == 0;
        if (thirdMissing && !initializer.AddUser(
                TestingUserStorage.ValidUser3.Email,
                TestingUserStorage.ValidUser3.Password,
                TestingUserStorage.ValidUser3.SecurityQuestion,
                TestingUserStorage.ValidUser3.SecurityAnswer,
                TestingUserStorage.ValidUser3.AccessLevel))
        {
            Console.WriteLine("Encountered an error adding the third valid user.");
            Console.WriteLine(initializer.LastException.Message);
            return false;
        }

        bool fourthMissing = initializer.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser4.Email)).Count == 0;
        if (fourthMissing && !initializer.AddUser(
                TestingUserStorage.ValidUser4.Email,
                TestingUserStorage.ValidUser4.Password,
                TestingUserStorage.ValidUser4.SecurityQuestion,
                TestingUserStorage.ValidUser4.SecurityAnswer,
                TestingUserStorage.ValidUser4.AccessLevel))
        {
            Console.WriteLine("Encountered an error adding the fourth valid user.");
            Console.WriteLine(initializer.LastException.Message);
            return false;
        }

        bool fifthMissing = initializer.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser5.Email)).Count == 0;
        if (fifthMissing && !initializer.AddUser(
                TestingUserStorage.ValidUser5.Email,
                TestingUserStorage.ValidUser5.Password,
                TestingUserStorage.ValidUser5.SecurityQuestion,
                TestingUserStorage.ValidUser5.SecurityAnswer,
                TestingUserStorage.ValidUser5.AccessLevel))
        {
            Console.WriteLine("Encountered an error adding the fifth valid user.");
            Console.WriteLine(initializer.LastException.Message);
            return false;
        }

        return true;
    }
}
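/// <summary>
/// Request for creating a base mechanic user account. Documentation is found in the Web API Enumeration file
/// in the /RepairJob/Requirements tab, starting at row 1
/// </summary>
/// <remarks>
/// Responds 400 when the body is missing, unparseable, incomplete, or carries an e-mail
/// the lookup clause cannot represent; 409 when the e-mail is already registered;
/// 500 on database failures; 200 without a body on success.
/// </remarks>
/// <param name="ctx">The HttpListenerContext to respond to</param>
public void HandlePostRequest(HttpListenerContext ctx)
{
    try
    {
        #region Input Validation
        if (!ctx.Request.HasEntityBody)
        {
            WriteBodyResponse(ctx, 400, "No Body", "Request lacked a body");
            return;
        }
        UserCreationRequest req = JsonDataObjectUtil<UserCreationRequest>.ParseObject(ctx);
        if (req == null)
        {
            WriteBodyResponse(ctx, 400, "Incorrect Format", "Request was in the wrong format");
            return;
        }
        if (!ValidateCreationResponse(req))
        {
            WriteBodyResponse(ctx, 400, "Incorrect Format", "Not all fields of the request were filled");
            return;
        }
        // The duplicate-account lookup below is assembled by string concatenation from this
        // request field, so refuse any e-mail containing the characters that could end or
        // escape the double-quoted literal.
        // NOTE(review): stop-gap only; the durable fix is a parameterized lookup in the data layer.
        if (req.Email != null && req.Email.IndexOfAny(new[] { '"', '\\' }) >= 0)
        {
            WriteBodyResponse(ctx, 400, "Incorrect Format", "Email contained unsupported characters");
            return;
        }
        #endregion

        using (MySqlDataManipulator connection = new MySqlDataManipulator())
        {
            bool res = connection.Connect(MySqlDataManipulator.GlobalConfiguration.GetConnectionString());
            if (!res)
            {
                WriteBodyResponse(ctx, 500, "Unexpected ServerError", "Connection to database failed");
                return;
            }

            #region Action Handling
            var users = connection.GetUsersWhere(" Email = \"" + req.Email + "\"");
            if (users == null)
            {
                // NOTE(review): the data layer's exception text goes back to the caller;
                // prefer a generic body and server-side logging.
                WriteBodyResponse(ctx, 500, "Unexpected Server Error", connection.LastException.Message);
                return;
            }
            if (users.Count > 0)
            {
                WriteBodyResponse(ctx, 409, "User Conflict", "User with email already exists");
                return;
            }
            // NOTE(review): the password and security answer are handed to AddUser as received;
            // confirm AddUser hashes both before they are stored.
            res = connection.AddUser(req.Email, req.Password, req.SecurityQuestion, req.SecurityAnswer);
            if (!res)
            {
                WriteBodyResponse(ctx, 500, "Unexpected ServerError", connection.LastException.Message);
                return;
            }
            WriteBodylessResponse(ctx, 200, "OK");
            #endregion
        }
    }
    catch (HttpListenerException)
    {
        //HttpListeners dispose themselves when an exception occurs, so we can do no more.
    }
    catch (Exception e)
    {
        // NOTE(review): e.Message is returned to the client; prefer a generic body.
        WriteBodyResponse(ctx, 500, "Internal Server Error", e.Message);
    }
}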
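/// <summary>
/// Request for a user to log in using their email and password. Documentation is found in the Web API Enumeration file
/// in the /RepairJob/Requirements tab, starting at row 21
/// </summary>
/// <remarks>
/// A body that does not validate as a login request is re-parsed as a check-login-status
/// request and, when that validates, handed to HandleCheckLoginRequest. A successful login
/// generates a new login token, stores it, and returns it with the user id and access level.
/// </remarks>
/// <param name="ctx">The HttpListenerContext to respond to</param>
public void HandlePutRequest(HttpListenerContext ctx)
{
    try
    {
        #region Input Validation
        if (!ctx.Request.HasEntityBody)
        {
            WriteBodyResponse(ctx, 400, "No Body", "Request lacked a body");
            return;
        }
        // The body is read once into a string because it may have to be parsed twice below.
        string reqString = new StreamReader(ctx.Request.InputStream).ReadToEnd();
        UserLoginRequest req = JsonDataObjectUtil<UserLoginRequest>.ParseObject(reqString);
        if (req == null)
        {
            WriteBodyResponse(ctx, 400, "Incorrect Format", "Request was in the wrong format");
            return;
        }
        if (!ValidateLoginRequest(req))
        {
            UserCheckLoginStatusRequest req2 = JsonDataObjectUtil<UserCheckLoginStatusRequest>.ParseObject(reqString);
            if (req2 != null && ValidateCheckLoginRequest(req2))
            {
                HandleCheckLoginRequest(ctx, req2);
                return;
            }
            WriteBodyResponse(ctx, 400, "Incorrect Format", "Not all fields of the request were filled");
            return;
        }
        // The user lookup below is assembled by string concatenation from this request
        // field, so refuse any e-mail containing the characters that could end or escape
        // the double-quoted literal.
        // NOTE(review): stop-gap only; the durable fix is a parameterized lookup in the data layer.
        if (req.Email != null && req.Email.IndexOfAny(new[] { '"', '\\' }) >= 0)
        {
            WriteBodyResponse(ctx, 400, "Incorrect Format", "Email contained unsupported characters");
            return;
        }
        #endregion

        using (MySqlDataManipulator connection = new MySqlDataManipulator())
        {
            bool res = connection.Connect(MySqlDataManipulator.GlobalConfiguration.GetConnectionString());
            if (!res)
            {
                WriteBodyResponse(ctx, 500, "Unexpected ServerError", "Connection to database failed");
                return;
            }

            #region Action Handling
            var users = connection.GetUsersWhere(" Email = \"" + req.Email + "\"");
            if (users == null)
            {
                // Other callers in this listing treat a null list as a failed query; without
                // this check the failure surfaced as a NullReferenceException.
                WriteBodyResponse(ctx, 500, "Unexpected Server Error", "Failed to look up the user");
                return;
            }
            // NOTE(review): 404 for an unknown e-mail and 401 for a wrong password let a caller
            // tell registered addresses apart; a single response for both would avoid that.
            // Kept as-is because existing clients may depend on the two statuses.
            if (users.Count == 0)
            {
                WriteBodyResponse(ctx, 404, "Not Found", "User was not found on the server");
                return;
            }
            OverallUser loggedInUser = users[0];
            if (!UserVerificationUtil.VerifyLogin(loggedInUser, req.Email, req.Password))
            {
                WriteBodyResponse(ctx, 401, "Unauthorized", "Email or password was incorrect");
                return;
            }

            // Issue a new login token and persist it before handing it to the client.
            LoginStatusTokens tokens = UserVerificationUtil.ExtractLoginTokens(loggedInUser);
            UserVerificationUtil.GenerateNewLoginToken(tokens);
            if (!connection.UpdateUsersLoginToken(loggedInUser, tokens))
            {
                WriteBodyResponse(ctx, 500, "Unexpected Server Error", "Failed to write login token to database");
                return;
            }

            JsonDictionaryStringConstructor retConstructor = new JsonDictionaryStringConstructor();
            retConstructor.SetMapping("token", tokens.LoginToken);
            retConstructor.SetMapping("userId", loggedInUser.UserId);
            retConstructor.SetMapping("accessLevel", loggedInUser.AccessLevel);
            WriteBodyResponse(ctx, 200, "OK", retConstructor.ToString(), "application/json");
            #endregion
        }
    }
    catch (HttpListenerException)
    {
        //HttpListeners dispose themselves when an exception occurs, so we can do no more.
    }
    catch (Exception e)
    {
        // NOTE(review): e.Message is returned to the client; prefer a generic body and
        // keep the exception detail in server-side logs.
        WriteBodyResponse(ctx, 500, "Internal Server Error", e.Message);
    }
}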
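/// <summary>
/// Request for reporting a user's display name. Documentation is found in the Web API Enumeration file
/// in the /User/Report tab, starting at row 1
/// </summary>
/// <remarks>
/// After the reporting user's login and auth tokens are verified, every user whose stored
/// settings match the reported name has the display name reset to "Default User " followed
/// by that user's id.
/// </remarks>
/// <param name="ctx">The HttpListenerContext to respond to</param>
private void HandlePostRequest(HttpListenerContext ctx)
{
    try
    {
        #region Input Validation
        if (!ctx.Request.HasEntityBody)
        {
            WriteBodyResponse(ctx, 400, "No Body", "Request lacked a body");
            return;
        }
        UserReportRequest req = JsonDataObjectUtil<UserReportRequest>.ParseObject(ctx);
        if (req == null)
        {
            WriteBodyResponse(ctx, 400, "Incorrect Format", "Request was in the wrong format");
            return;
        }
        if (!ValidateRequest(req))
        {
            WriteBodyResponse(ctx, 400, "Incorrect Format", "Not all fields of the request were filled");
            return;
        }
        // The settings lookup below is assembled by string concatenation from this request
        // field, so refuse any name containing the characters that could end or escape the
        // double-quoted literal.
        // NOTE(review): stop-gap only; the durable fix is a parameterized lookup in the data layer.
        if (req.ReportedDisplayName != null && req.ReportedDisplayName.IndexOfAny(new[] { '"', '\\' }) >= 0)
        {
            WriteBodyResponse(ctx, 400, "Incorrect Format", "Display name contained unsupported characters");
            return;
        }
        #endregion

        using (MySqlDataManipulator connection = new MySqlDataManipulator())
        {
            bool res = connection.Connect(MySqlDataManipulator.GlobalConfiguration.GetConnectionString());
            if (!res)
            {
                WriteBodyResponse(ctx, 500, "Unexpected ServerError", "Connection to database failed");
                return;
            }

            #region User Validation
            var user = connection.GetUserById(req.ReportingUserId);
            if (user == null)
            {
                WriteBodyResponse(ctx, 404, "Not Found", "User was not found on the server");
                return;
            }
            if (!UserVerificationUtil.LoginTokenValid(user, req.LoginToken))
            {
                WriteBodyResponse(ctx, 401, "Unauthorized", "Login Token was expired or incorrect");
                return;
            }
            if (!UserVerificationUtil.AuthTokenValid(user, req.AuthToken))
            {
                WriteBodyResponse(ctx, 401, "Unauthorized", "Auth Token was expired or incorrect");
                return;
            }
            #endregion

            #region Action Handling
            // NOTE(review): the pattern is a prefix match against any settings value, and '%'
            // and '_' in the reported name act as LIKE wildcards, so a single report can reset
            // more accounts than the one intended. Consider an exact match on the DisplayName entry.
            var users = connection.GetUsersWhere("Settings like \"%Value\\\":\\\"" + req.ReportedDisplayName + "%\"");
            if (users == null)
            {
                // NOTE(review): the data layer's exception text goes back to the caller.
                WriteBodyResponse(ctx, 500, "Unexpected Server Error", connection.LastException.Message);
                return;
            }
            foreach (OverallUser reportedUser in users)
            {
                reportedUser.UpdateSettings(UserSettingsEntryKeys.DisplayName, "Default User " + reportedUser.UserId);
                // A failed write was previously ignored and still answered with 200 OK.
                if (!connection.UpdateUsersSettings(reportedUser))
                {
                    WriteBodyResponse(ctx, 500, "Unexpected Server Error", "Failed to update the reported user's settings");
                    return;
                }
            }
            WriteBodylessResponse(ctx, 200, "OK");
            #endregion
        }
    }
    catch (HttpListenerException)
    {
        //HttpListeners dispose themselves when an exception occurs, so we can do no more.
    }
    catch (Exception e)
    {
        // NOTE(review): e.Message is returned to the client; prefer a generic body.
        WriteBodyResponse(ctx, 500, "Internal Server Error", e.Message);
    }
}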