public async Task Should_Lock_And_Unlock_User_As_Administrator()
{
// As User
var response = await TestServerFixture.AuthenticateAsUserAsync(Output);
var dto = await response.ConvertToAsync <LoginResponseDto>(Output);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
// As Admin
await TestServerFixture.AuthenticateAsAdministratorAsync(Output);
// Lock User
response = await TestServerFixture.Client.PutByIdAsync(
AllInOne.Common.Constants.Api.V1.User.Lock,
Output,
dto.CurrentUser
);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
// As locked user
response = await TestServerFixture.AuthenticateAsAsync(
TestUserDataBuilder.UserEmail,
TestUserDataBuilder.Password,
Output
);
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
// As Admin
await TestServerFixture.AuthenticateAsAdministratorAsync(Output);
// Unlock User
response = await TestServerFixture.Client.PutByIdAsync(
AllInOne.Common.Constants.Api.V1.User.Unlock,
Output,
dto.CurrentUser
);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
// As User
response = await TestServerFixture.AuthenticateAsAsync(
TestUserDataBuilder.UserEmail,
TestUserDataBuilder.Password,
Output
);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
}
public async Task Should_Register_And_Not_Login_As_Anonymous()
{
// As Anonymous
TestServerFixture.AuthenticateAsAnonymous();
// Register
var response = await TestServerFixture.Client.PostAsync(
AllInOne.Common.Constants.Api.V1.Authentication.Register,
Output,
new RegistrationRequestDto
{
Email = NewEmail,
Firstname = NewFirstname,
Lastname = NewLastname,
Password = NewPassword,
PasswordConfirmation = NewPassword
}
);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
response = await TestServerFixture.AuthenticateAsAsync(NewEmail, NewPassword, Output);
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
// As Admin
await TestServerFixture.AuthenticateAsAdministratorAsync(Output);
// Get list of users
await TestServerFixture.AuthenticateAsAdministratorAsync(Output);
response = await TestServerFixture.Client.GetAsync(
AllInOne.Common.Constants.Api.V1.User.Url,
Output,
new PagedRequestDto { }
);
var dto = await response.ConvertToAsync <PagedResultDto <UserDto, Guid?> >(Output);
var currentUser = dto.Items.First(u => u.Email == NewEmail);
// Delete User
response = await TestServerFixture.Client.DeleteAsync(
AllInOne.Common.Constants.Api.V1.User.Url,
Output,
currentUser
);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
}
public async Task Should_Change_Password_As_Administrator()
{
await TestServerFixture.AuthenticateAsAdministratorAsync(Output);
var response = await TestServerFixture.Client.PutAsync(
AllInOne.Common.Constants.Api.V1.Account.Password,
Output,
new ChangePasswordRequestDto
{
CurrentPassword = TestUserDataBuilder.Password,
NewPassword = NewPassword,
NewPasswordConfirmation = NewPassword
}
);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
response = await TestServerFixture.AuthenticateAsAsync(
TestUserDataBuilder.AdministratorEmail,
NewPassword,
Output
);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
response = await TestServerFixture.Client.PutAsync(
AllInOne.Common.Constants.Api.V1.Account.Password,
Output,
new ChangePasswordRequestDto
{
CurrentPassword = NewPassword,
NewPassword = TestUserDataBuilder.Password,
NewPasswordConfirmation = TestUserDataBuilder.Password
}
);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
response = await TestServerFixture.AuthenticateAsAsync(
TestUserDataBuilder.AdministratorEmail,
TestUserDataBuilder.Password,
Output
);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
}
public async Task Should_Register_Confirm_And_Login_As_Anonymous()
{
// As Anonymous
TestServerFixture.AuthenticateAsAnonymous();
// Register
var response = await TestServerFixture.Client.PostAsync(
AllInOne.Common.Constants.Api.V1.Authentication.Register,
Output,
new RegistrationRequestDto
{
Email = NewEmail,
Firstname = NewFirstname,
Lastname = NewLastname,
Password = NewPassword,
PasswordConfirmation = NewPassword
}
);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
// Get token from Logs
var log = TestServerFixture.Logs.Last(l => l.Contains("EmailConfirmationToken"));
var token = Regex.Matches(log, @"(?<=\')(.*?)(?=\')").First().Value;
// Confirm invitation email
response = await TestServerFixture.Client.PutAsync(
AllInOne.Common.Constants.Api.V1.Authentication.ConfirmRegistrationEmail,
Output,
new ConfirmRegistrationEmailRequestDto
{
Token = token,
Email = NewEmail
}
);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
// Authentication as the new User
response = await TestServerFixture.AuthenticateAsAsync(NewEmail, NewPassword, Output);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
var dto = await response.ConvertToAsync <LoginResponseDto>(Output);
Assert.Equal(NewEmail, dto.CurrentUser.Email);
Assert.Equal(NewFirstname, dto.CurrentUser.Firstname);
Assert.Equal(NewLastname, dto.CurrentUser.Lastname);
// As Admin
await TestServerFixture.AuthenticateAsAdministratorAsync(Output);
// Delete User
response = await TestServerFixture.Client.DeleteAsync(
AllInOne.Common.Constants.Api.V1.User.Url,
Output,
dto.CurrentUser
);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
}
public async Task Should_Reset_Password_As_Anonymous()
{
// As Anonymous
TestServerFixture.AuthenticateAsAnonymous();
// Password forgotten
var response = await TestServerFixture.Client.PostAsync(
AllInOne.Common.Constants.Api.V1.Authentication.PasswordForgotten,
Output,
new PasswordForgottenRequestDto
{
Email = TestUserDataBuilder.AdministratorEmail
}
);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
// Get token from Logs
var log = TestServerFixture.Logs.Last(l => l.Contains("PasswordResetToken"));
var token = Regex.Matches(log, @"(?<=\')(.*?)(?=\')").First().Value;
// Reset password
response = await TestServerFixture.Client.PutAsync(
AllInOne.Common.Constants.Api.V1.Authentication.ResetPassword,
Output,
new ResetPasswordRequestDto
{
Token = token,
NewPassword = NewPassword,
NewPasswordConfirmation = NewPassword,
Email = TestUserDataBuilder.AdministratorEmail
}
);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
// Authentication as Administrator using original Password
response = await TestServerFixture.AuthenticateAsAsync(
TestUserDataBuilder.AdministratorEmail,
TestUserDataBuilder.Password,
Output
);
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
// Authentication as Administrator using new Password
response = await TestServerFixture.AuthenticateAsAsync(
TestUserDataBuilder.AdministratorEmail,
NewPassword,
Output
);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
// Restore original Password
response = await TestServerFixture.Client.PutAsync(
AllInOne.Common.Constants.Api.V1.Account.Password,
Output,
new ChangePasswordRequestDto
{
CurrentPassword = NewPassword,
NewPassword = TestUserDataBuilder.Password,
NewPasswordConfirmation = TestUserDataBuilder.Password
}
);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
}
public async Task Should_Invite_Confirm_Login_And_Delete_As_Administrator()
{
// As Admin
await TestServerFixture.AuthenticateAsAdministratorAsync(Output);
// Roles
var response = await TestServerFixture.Client.GetAsync(
AllInOne.Common.Constants.Api.V1.Role.Url,
Output
);
var rolesDto = await response.ConvertToAsync <RoleDto[]>(Output);
// Create new User
var newUser = new InviteUserRequestDto
{
Email = Email,
Firstname = "FirstName",
Lastname = "LastName",
RoleId = rolesDto.First(r => r.Name == Domains.Core.Constants.Roles.Administrator).Id
};
response = await TestServerFixture.Client.PostAsync(
AllInOne.Common.Constants.Api.V1.User.Url,
Output,
newUser
);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
var userDto = await response.ConvertToAsync <UserDto>(Output);
Assert.Equal(Email, userDto.Email);
Assert.Equal("FirstName", userDto.Firstname);
Assert.Equal("LastName", userDto.Lastname);
Assert.Equal(Domains.Core.Constants.Roles.Administrator, userDto.RoleName);
Assert.False(string.IsNullOrEmpty(userDto.RoleName));
Assert.False(string.IsNullOrEmpty(userDto.InvitedBy));
// Get token from Logs
var log = TestServerFixture.Logs.Last(l => l.Contains("EmailConfirmationToken"));
var token = Regex.Matches(log, @"(?<=\')(.*?)(?=\')").First().Value;
// Confirm invitation email
response = await TestServerFixture.Client.PutAsync(
AllInOne.Common.Constants.Api.V1.Authentication.ConfirmInvitationEmail,
Output,
new ConfirmInvitationEmailRequestDto
{
Token = token,
Password = Password,
PasswordConfirmation = Password,
Email = Email
}
);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
// Login
response = await TestServerFixture.AuthenticateAsAsync(Email, Password, Output);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
var dto = await response.ConvertToAsync <LoginResponseDto>(Output);
// As Admin
await TestServerFixture.AuthenticateAsAdministratorAsync(Output);
// Delete User
response = await TestServerFixture.Client.DeleteAsync(
AllInOne.Common.Constants.Api.V1.User.Url,
Output,
dto.CurrentUser
);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
// Not Login
response = await TestServerFixture.AuthenticateAsAsync(Email, Password, Output);
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
}