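/// <summary>
/// Multi-step action that generates an invoice for a practice.
/// Step 0 asks for the practice, step 1 lists the invoices available for it, and step 2
/// ensures a <c>Billing</c> row exists for the selected invoice and fills in the PayPal invoice data.
/// </summary>
/// <param name="viewModel">
/// Posted or query-string values. When <c>Step</c> is missing it is inferred from which of
/// <c>PracticeIdentifier</c> and <c>InvoiceName</c> are present.
/// </param>
/// <returns>The view for the current step, or a redirect back to this action after a POST at step 0.</returns>
/// <remarks>
/// NOTE(review): step 2 calls <c>SaveChanges</c> without checking the HTTP verb, and the step can be
/// inferred from request values alone. Verb, authorization and anti-forgery attributes are not visible
/// in this listing. Confirm that only authorized staff can reach this action and that the write path
/// is limited to POST with anti-forgery validation, so a followed link cannot create a billing record.
/// </remarks>
public ActionResult GenerateInvoice(GenerateInvoiceViewModel viewModel)
{
    if (viewModel.Step == null)
    {
        if (string.IsNullOrEmpty(viewModel.PracticeIdentifier))
        {
            // Nothing supplied yet: show the empty first step without validation noise.
            this.ModelState.Clear();
            viewModel.Step = 0;
            return this.View();
        }

        viewModel.Step = string.IsNullOrEmpty(viewModel.InvoiceName) ? 1 : 2;
    }

    var step = viewModel.Step ?? 0;

    using (var db = this.CreateNewCerebelloEntities())
    {
        // Getting the practice indicated in the view-model.
        Practice practice = null;
        if (!string.IsNullOrWhiteSpace(viewModel.PracticeIdentifier))
        {
            practice = db.Practices
                .SingleOrDefault(p => p.UrlIdentifier == viewModel.PracticeIdentifier);
        }

        if (practice == null
            || practice.ActiveAccountContractId == null
            || practice.AccountContract.IsTrial
            || this.ModelState.HasPropertyErrors(() => viewModel.PracticeIdentifier))
        {
            if (practice == null)
            {
                this.ModelState.AddModelError(() => viewModel.PracticeIdentifier, "Consultório inexistente.");
            }

            if (practice != null && practice.ActiveAccountContractId == null)
            {
                this.ModelState.AddModelError(() => viewModel.PracticeIdentifier, "Consultório não possui uma conta ativa.");
            }

            // Fix: this branch is also reached when the practice has no active contract. In that case
            // AccountContract is presumably null (verify against the entity model), and dereferencing it
            // here would throw instead of returning the validation message added above.
            if (practice != null && practice.AccountContract != null && practice.AccountContract.IsTrial)
            {
                this.ModelState.AddModelError(() => viewModel.PracticeIdentifier, "Consultório possui conta trial.");
            }

            return this.View(viewModel);
        }

        var utcNow = this.GetUtcNow();
        viewModel.Invoices = GetAccountInvoices(practice, utcNow);

        if (step == 0)
        {
            if (this.Request.HttpMethod == "POST")
            {
                // Post/redirect/get: carry only the practice identifier to the next request.
                return this.RedirectToAction("GenerateInvoice", new { viewModel.PracticeIdentifier });
            }

            // going to the next step
            this.ModelState.Clear();
            viewModel.Step = 1;
            return this.View(viewModel);
        }

        var localNow = PracticeController.ConvertToLocalDateTime(practice, utcNow);

        if (step == 1)
        {
            this.ModelState.Clear();
            viewModel.Step = 1;
            return this.View(viewModel);
        }

        var selectedInvoiceInfo = viewModel.Invoices.SingleOrDefault(bi => bi.NameId == viewModel.InvoiceName);
        if (selectedInvoiceInfo == null)
        {
            this.ModelState.AddModelError(() => viewModel.InvoiceName, "Nome de invoice não encontrado.");
            viewModel.Step = 1;
            return this.View(viewModel);
        }

        var idSet = string.Format(
            "CEREB.{1}{2}.{0}",
            localNow.Year,
            practice.AccountContract.BillingPeriodSize,
            practice.AccountContract.BillingPeriodType);

        var invoiceStartUtc = PracticeController.ConvertToUtcDateTime(practice, selectedInvoiceInfo.Start);

        // Reuse the billing already issued for this practice, contract and reference date, if any.
        var billing = db.Billings.SingleOrDefault(b => b.PracticeId == practice.Id
            && b.MainAccountContractId == practice.ActiveAccountContractId
            && b.ReferenceDate == invoiceStartUtc);

        if (billing == null)
        {
            billing = new Billing
            {
                PracticeId = practice.Id,
                AfterDueMonthlyTax = 1.00m, // 1%
                AfterDueTax = 2.00m, // 2%
                IssuanceDate = utcNow,
                MainAmount = selectedInvoiceInfo.TotalAmount,
                MainDiscount = selectedInvoiceInfo.TotalDiscount,
                DueDate = PracticeController.ConvertToUtcDateTime(practice, selectedInvoiceInfo.DueDate),
                IdentitySetName = idSet,

                // NOTE(review): Count + 1 is not atomic. Two concurrent requests could get the same
                // number unless the database enforces uniqueness on the identity set. Confirm.
                IdentitySetNumber = db.Billings.Count(b => b.PracticeId == practice.Id && b.IdentitySetName == idSet) + 1,
                ReferenceDate = PracticeController.ConvertToUtcDateTime(practice, selectedInvoiceInfo.Start),
                ReferenceDateEnd = PracticeController.ConvertToUtcDateTime(practice, selectedInvoiceInfo.End),
                MainAccountContractId = practice.ActiveAccountContractId.Value,
            };

            db.Billings.AddObject(billing);
        }

        if (practice.AccountContract.BillingPaymentMethod == "PayPal Invoice")
        {
            this.ViewBag.IsPayPalInvoice = true;
        }

        if (this.ModelState.IsValid)
        {
            db.SaveChanges();

            // adding PayPal invoice info
            viewModel.PayPalInvoice = new GenerateInvoiceViewModel.PayPalInvoiceInfo
            {
                UserEmail = practice.Owner.Person.Email,
                IssuanceDate = localNow.ToString("dd-MM-yyyy"),
                Currency = "BRL - Reais",
                Number = string.Format("{0}.{1}", billing.IdentitySetName, billing.IdentitySetNumber),
                DuaDate = selectedInvoiceInfo.DueDate.ToString("dd-MM-yyyy"),
                Terms = "Vencimento na data especificada",
                Items = new List<GenerateInvoiceViewModel.PayPalInvoiceItem>(),
            };

            var strStartToEnd = selectedInvoiceInfo.End != null
                ? string.Format(
                    "{0} até {1}",
                    selectedInvoiceInfo.Start.ToString("yyyy'-'MM'-'dd"),
                    selectedInvoiceInfo.End.Value.ToString("yyyy'-'MM'-'dd"))
                : string.Format(
                    "{0}",
                    selectedInvoiceInfo.Start.ToString("yyyy'-'MM'-'dd"));

            // Amounts are formatted with the invariant culture, then '.' is swapped for ','.
            viewModel.PayPalInvoice.Items.Add(
                new GenerateInvoiceViewModel.PayPalInvoiceItem
                {
                    NameId = "Assinatura Cerebello",
                    Date = "",
                    Quantity = 1,
                    UnitPrice = selectedInvoiceInfo.TotalAmount.ToString("0.00", CultureInfo.InvariantCulture).Replace('.', ','),
                    Description = string.Format("Assinatura do plano profissional do Cerebello ({0})", strStartToEnd),
                });

            var periodType = practice.AccountContract.BillingPeriodType;
            var periodSize = practice.AccountContract.BillingPeriodSize;
            var discountReason = periodType == "M" && periodSize == 1 ? "mensal"
                : periodType == "M" && periodSize == 3 ? "trimestral"
                : periodType == "M" && periodSize == 6 ? "semestral"
                : (periodType == "M" && periodSize == 12) || (periodType == "Y" && periodSize == 1) ? "anual"
                : "";

            if (selectedInvoiceInfo.TotalDiscount > 0)
            {
                viewModel.PayPalInvoice.Items.Add(
                    new GenerateInvoiceViewModel.PayPalInvoiceItem
                    {
                        NameId = "Desconto da Assinatura Cerebello",
                        Date = "",
                        Quantity = 1,
                        UnitPrice = selectedInvoiceInfo.TotalDiscount.ToString("'-'0.00", CultureInfo.InvariantCulture).Replace('.', ','),
                        Description = string.Format("Desconto na Assinatura (condições especiais para pagamento {0})", discountReason)
                    });
            }

            viewModel.Step = 2;
            return this.View(viewModel);
        }
    }

    return this.View(viewModel);
}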
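/// <summary>
/// Access-control test: the logged-in user (André) tries to delete an examination request that
/// belongs to another practice (Dra. Marta's). The controller must answer with a failure message,
/// must not save anything, and the record must still exist afterwards.
/// </summary>
public void Delete_3_ExamFromAnotherPractice()
{
    ExamsController controller;
    ExaminationRequest examRequest;
    var isDbChangesSaved = false;
    var localNow = new DateTime(2012, 08, 16);

    try
    {
        var drandre = Firestarter.Create_CrmMg_Psiquiatria_DrHouse_Andre(this.db);
        var dramarta = Firestarter.Create_CrmMg_Psiquiatria_DraMarta_Marta(this.db);
        var patientDraMarta = Firestarter.CreateFakePatients(dramarta, this.db).First();

        var mr = new MockRepository(true);

        // The flag flips when a context configured through setupNewDb raises SavingChanges.
        controller = mr.CreateController<ExamsController>(
            setupNewDb: db => db.SavingChanges += (s, e) => { isDbChangesSaved = true; });

        Debug.Assert(drandre != null, "drandre must not be null");
        var utcNow = PracticeController.ConvertToUtcDateTime(drandre.Users.First().Practice, localNow);
        controller.UtcNowGetter = () => utcNow;

        // Saving the record that the other practice's user will try to delete.
        var medicalProc0 = this.db.SYS_MedicalProcedure.Single(x => x.Code == "4.03.04.36-1");

        examRequest = new ExaminationRequest
        {
            CreatedOn = utcNow,
            PatientId = patientDraMarta.Id,
            Text = "Old text",
            MedicalProcedureCode = medicalProc0.Code,
            MedicalProcedureName = medicalProc0.Name,
            PracticeId = dramarta.PracticeId,
        };

        this.db.ExaminationRequests.AddObject(examRequest);
        this.db.SaveChanges();

        // Define André as the logged user, he cannot touch Marta's patients.
        mr.SetCurrentUser_Andre_CorrectPassword();
    }
    catch (Exception ex)
    {
        InconclusiveInit(ex);
        return;
    }

    // Deleting an examination request that does not belong to the current user's practice.
    // This is a cross-practice access attempt, not a validation error: the controller is expected
    // to return a failed JSON result rather than perform the deletion.
    var jsonResult = controller.Delete(examRequest.Id);

    // Verifying the ActionResult.
    Assert.IsNotNull(jsonResult, "The result of the controller method is null.");
    var jsonDelete = (JsonDeleteMessage)jsonResult.Data;
    Assert.IsFalse(jsonDelete.success, "Deletion should not succed.");
    Assert.IsNotNull(jsonDelete.text, "Deletion should fail with a message.");

    // Verifying the controller model-state.
    Assert.IsTrue(controller.ModelState.IsValid, "ModelState is not valid.");

    // Verifying the database: cannot save the changes.
    Assert.IsFalse(isDbChangesSaved, "Database changes were saved, but they should not.");

    // Verifying the database contents as well. The flag above only observes the SavingChanges event,
    // so the authorization check is also confirmed against what is actually stored.
    var examRequestId = examRequest.Id;
    using (var db2 = DbTestBase.CreateNewCerebelloEntities())
    {
        var stillThere = db2.ExaminationRequests.FirstOrDefault(x => x.Id == examRequestId);
        Assert.IsNotNull(stillThere, "Examination request of another practice was deleted.");
    }
}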
/// <summary>
/// Happy path for deletion: the logged-in user (André) deletes an examination request that belongs
/// to a patient of his own practice. The call must return a result, leave the model-state valid,
/// save changes, and remove the record from the database.
/// </summary>
public void Delete_1_HappyPath()
{
    ExamsController controller;
    Patient patient;
    ExaminationRequest examRequest;
    var changesSaved = false;
    var localNow = new DateTime(2012, 08, 16);

    try
    {
        using (var setupDb = DbTestBase.CreateNewCerebelloEntities())
        {
            var drandre = Firestarter.Create_CrmMg_Psiquiatria_DrHouse_Andre(setupDb);
            patient = Firestarter.CreateFakePatients(drandre, setupDb).First();

            var mocks = new MockRepository(true);

            // Record whether a context configured through setupNewDb raises SavingChanges.
            controller = mocks.CreateController<ExamsController>(
                setupNewDb: ctx => { ctx.SavingChanges += (sender, args) => { changesSaved = true; }; });

            Debug.Assert(drandre != null, "drandre must not be null");
            var utcNow = PracticeController.ConvertToUtcDateTime(drandre.Users.First().Practice, localNow);
            controller.UtcNowGetter = () => utcNow;

            // Store the examination request that is going to be deleted.
            var procedure = this.db.SYS_MedicalProcedure.Single(x => x.Code == "4.01.03.55-2");
            examRequest = new ExaminationRequest
            {
                PracticeId = patient.PracticeId,
                CreatedOn = utcNow,
                PatientId = patient.Id,
                Text = "Old text",
                MedicalProcedureCode = procedure.Code,
                MedicalProcedureName = procedure.Name
            };
            setupDb.ExaminationRequests.AddObject(examRequest);
            setupDb.SaveChanges();

            // André is the logged user, and the record belongs to his own practice.
            mocks.SetCurrentUser_Andre_CorrectPassword();
        }
    }
    catch (Exception ex)
    {
        InconclusiveInit(ex);
        return;
    }

    // Deleting an examination request owned by the current user's practice: this must succeed.
    ActionResult actionResult = controller.Delete(examRequest.Id);

    // The controller must return something and report no validation problems.
    Assert.IsNotNull(actionResult, "The result of the controller method is null.");
    Assert.IsTrue(controller.ModelState.IsValid, "ModelState is not valid.");

    // Changes must have been saved.
    Assert.IsTrue(changesSaved, "Database changes were not saved, but they should.");

    // And the record must be gone when read back through a fresh context.
    using (var verifyDb = DbTestBase.CreateNewCerebelloEntities())
    {
        var remaining = verifyDb.ExaminationRequests.FirstOrDefault(x => x.PatientId == patient.Id);
        Assert.IsNull(remaining, "Database record was not deleted.");
    }
}
/// <summary>
/// Edits an examination request using an Id that is not the one stored by this test (19837).
/// The controller must return the "NotFound" view and must not save any changes.
/// </summary>
public void Edit_4_EditExamThatDoesNotExist()
{
    ExamsController controller;
    ExaminationRequestViewModel viewModel;
    var changesSaved = false;
    var localNow = new DateTime(2012, 08, 16);

    try
    {
        var drandre = Firestarter.Create_CrmMg_Psiquiatria_DrHouse_Andre(this.db);
        var patient = Firestarter.CreateFakePatients(drandre, this.db).First();

        var mocks = new MockRepository(true);

        // Record whether a context configured through setupNewDb raises SavingChanges.
        controller = mocks.CreateController<ExamsController>(
            setupNewDb: ctx => { ctx.SavingChanges += (sender, args) => { changesSaved = true; }; });

        Debug.Assert(drandre != null, "drandre must not be null");
        var utcNow = PracticeController.ConvertToUtcDateTime(drandre.Users.First().Practice, localNow);
        controller.UtcNowGetter = () => utcNow;

        // Store an unrelated, existing examination request for the same patient.
        var storedProc = this.db.SYS_MedicalProcedure.Single(x => x.Code == "4.03.04.36-1");
        var examRequest = new ExaminationRequest
        {
            CreatedOn = utcNow,
            PatientId = patient.Id,
            Text = "Old text",
            MedicalProcedureCode = storedProc.Code,
            MedicalProcedureName = storedProc.Name,
            PracticeId = drandre.PracticeId,
        };
        this.db.ExaminationRequests.AddObject(examRequest);
        this.db.SaveChanges();

        // Define André as the logged user.
        mocks.SetCurrentUser_Andre_CorrectPassword();

        // Build the view-model with a hard-coded Id (presumably unused in the test database)
        // and populate the controller ModelState from it.
        var requestedProc = this.db.SYS_MedicalProcedure.Single(x => x.Code == "4.01.03.23-4");
        viewModel = new ExaminationRequestViewModel
        {
            Id = 19837,
            PatientId = patient.Id,
            Notes = "New text",
            MedicalProcedureCode = requestedProc.Code,
            MedicalProcedureName = requestedProc.Name,
        };
        Mvc3TestHelper.SetModelStateErrors(controller, viewModel);
    }
    catch (Exception ex)
    {
        InconclusiveInit(ex);
        return;
    }

    // Editing an examination request whose Id is not the stored one.
    ActionResult actionResult = controller.Edit(new[] { viewModel });

    // Verifying the ActionResult: it must be a ViewResult named "NotFound".
    Assert.IsNotNull(actionResult, "The result of the controller method is null.");
    Assert.IsInstanceOfType(actionResult, typeof(ViewResult));
    var notFoundView = (ViewResult)actionResult;
    Assert.AreEqual("NotFound", notFoundView.ViewName);

    // Verifying the database: cannot save the changes.
    Assert.IsFalse(changesSaved, "Database changes were saved, but they should not.");
}
/// <summary>
/// Edits an existing examination request with a view-model that carries no medical procedure.
/// The controller must return the "edit" view, report exactly one validation error on
/// <c>MedicalProcedureName</c>, and must not save any changes.
/// </summary>
public void Edit_2_WithoutMedicalProcedure()
{
    ExamsController controller;
    Patient patient;
    ExaminationRequest examRequest;
    var changesSaved = false;
    var localNow = new DateTime(2012, 08, 16);

    try
    {
        var doctor = Firestarter.Create_CrmMg_Psiquiatria_DrHouse_Andre(this.db);
        patient = Firestarter.CreateFakePatients(doctor, this.db).First();

        var mocks = new MockRepository(true);

        // Record whether a context configured through setupNewDb raises SavingChanges.
        controller = mocks.CreateController<ExamsController>(
            setupNewDb: ctx => { ctx.SavingChanges += (sender, args) => { changesSaved = true; }; });

        Debug.Assert(doctor != null, "doctor must not be null");
        var utcNow = PracticeController.ConvertToUtcDateTime(doctor.Users.First().Practice, localNow);
        controller.UtcNowGetter = () => utcNow;

        // Store the examination request that the test will try to edit.
        examRequest = new ExaminationRequest
        {
            CreatedOn = utcNow,
            PatientId = patient.Id,
            Text = "Old text",
            PracticeId = doctor.PracticeId,
            MedicalProcedureName = "Hemoglobina (eletroforese ou HPLC)",
            MedicalProcedureCode = "4.03.04.35-3",
        };
        this.db.ExaminationRequests.AddObject(examRequest);
        this.db.SaveChanges();
    }
    catch (Exception ex)
    {
        InconclusiveInit(ex);
        return;
    }

    // Editing the request with only Id and PatientId set: no medical procedure is given.
    // This is not allowed and must produce a model-state validation message.
    var viewModel = new ExaminationRequestViewModel
    {
        Id = examRequest.Id,
        PatientId = patient.Id,
    };
    Mvc3TestHelper.SetModelStateErrors(controller, viewModel);
    ActionResult actionResult = controller.Edit(new[] { viewModel });

    // Verifying the ActionResult:
    // - it must be a ViewResult named "edit" (case-insensitive comparison);
    // - the ModelState must hold one validation message for MedicalProcedureName.
    Assert.IsNotNull(actionResult, "The result of the controller method is null.");
    Assert.IsInstanceOfType(actionResult, typeof(ViewResult));
    var editView = (ViewResult)actionResult;
    Assert.AreEqual("edit", editView.ViewName, true);
    Assert.IsFalse(controller.ModelState.IsValid, "ModelState should not be valid.");
    Assert.AreEqual(
        1,
        controller.ModelState.GetPropertyErrors(() => viewModel.MedicalProcedureName).Count(),
        "ModelState should contain one validation message.");

    // Verifying the database: cannot save the changes.
    Assert.IsFalse(changesSaved, "Database changes were saved, but they should not.");
}
/// <summary>
/// Happy path for editing: an existing examination request of the doctor's own practice is edited
/// with new notes and a different medical procedure. The stored record must reflect the new text and
/// procedure while keeping its original creation time.
/// </summary>
public void Edit_1_HappyPath()
{
    ExamsController controller;
    Patient patient;
    ExaminationRequest examRequest;
    DateTime utcNow;
    var localNow = new DateTime(2012, 08, 16);

    try
    {
        var doctor = Firestarter.Create_CrmMg_Psiquiatria_DrHouse_Andre(this.db);
        patient = Firestarter.CreateFakePatients(doctor, this.db).First();

        var mocks = new MockRepository(true);
        controller = mocks.CreateController<ExamsController>();

        Debug.Assert(doctor != null, "doctor must not be null");
        utcNow = PracticeController.ConvertToUtcDateTime(doctor.Users.First().Practice, localNow);
        controller.UtcNowGetter = () => utcNow;

        // Store the examination request that is going to be edited.
        var originalProc = this.db.SYS_MedicalProcedure.Single(x => x.Code == "4.03.04.36-1");
        examRequest = new ExaminationRequest
        {
            CreatedOn = utcNow,
            PatientId = patient.Id,
            Text = "Old text",
            MedicalProcedureCode = originalProc.Code,
            MedicalProcedureName = originalProc.Name,
            PracticeId = doctor.PracticeId,
        };
        this.db.ExaminationRequests.AddObject(examRequest);
        this.db.SaveChanges();
    }
    catch (Exception ex)
    {
        InconclusiveInit(ex);
        return;
    }

    // Editing the stored examination request: new notes and a different procedure.
    var replacementProc = this.db.SYS_MedicalProcedure.Single(x => x.Code == "4.01.03.23-4");
    var viewModel = new ExaminationRequestViewModel
    {
        Id = examRequest.Id,
        PatientId = patient.Id,
        Notes = "Any text",
        MedicalProcedureId = replacementProc.Id, // editing value: old = "4.03.04.36-1"; new = "4.01.03.23-4"
        MedicalProcedureName = "Eletrencefalograma em vigília, e sono espontâneo ou induzido",
    };
    Mvc3TestHelper.SetModelStateErrors(controller, viewModel);
    ActionResult actionResult = controller.Edit(new[] { viewModel });

    // The controller must return something and report no validation problems.
    Assert.IsNotNull(actionResult, "The result of the controller method is null.");
    Assert.IsTrue(controller.ModelState.IsValid, "ModelState is not valid.");

    // Read the record back through a fresh context and compare the persisted values.
    using (var verifyDb = DbTestBase.CreateNewCerebelloEntities())
    {
        var stored = verifyDb.ExaminationRequests.FirstOrDefault(x => x.PatientId == patient.Id);
        Assert.IsNotNull(stored, "Database record was not saved.");
        Assert.AreEqual("Any text", stored.Text);
        Assert.AreEqual(utcNow, stored.CreatedOn);
        Assert.AreEqual("4.01.03.23-4", stored.MedicalProcedureCode);
        Assert.AreEqual("Eletrencefalograma em vigília, e sono espontâneo ou induzido", stored.MedicalProcedureName);
    }
}