/// <summary>
/// Makes <c>AccountLockoutThreshold</c> failed authentication attempts against a newly
/// saved account and checks the account status that is stored afterwards.
/// </summary>
/// <param name="status">Account status given to the test user before the attempts.</param>
/// <param name="expectLockedOut">
/// True if the stored status must be <c>Locked</c> afterwards; false if it must still equal
/// <paramref name="status"/>.
/// </param>
public void Authenticate_LockoutActiveUserOnly(UserAccountStatusEnum_Enumeration status, bool expectLockedOut)
{
    const string password = "******";

    var passwordPolicy = Entity.Get<PasswordPolicy>("core:passwordPolicyInstance");

    var userAccount = new UserAccount
    {
        Name = "Test user " + Guid.NewGuid(),
        AccountStatus_Enum = status,
        Password = password
    };
    userAccount.Save();

    // One bad attempt per unit of the policy threshold. If the threshold is 0 the loop body
    // never runs, and the cases that expect no lockout pass without exercising Authenticate.
    for (int attempt = 0; attempt < passwordPolicy.AccountLockoutThreshold; attempt++)
    {
        try
        {
            string userName = userAccount.Name;
            string invalidPassword = userAccount.Password + "_foo"; // Invalid password
            string tenantName = RequestContext.GetContext().Tenant.Name;

            UserAccountValidator.Authenticate(userName, invalidPassword, tenantName, false);
        }
        catch (Exception)
        {
            // Authenticate throws when the user is locked, disabled or expired; those are
            // expected here. NOTE(review): this also hides unrelated failures, so the status
            // assertion below is the only check this test makes.
        }
    }

    // Re-read the account so the assertion sees the persisted status, not the local copy.
    userAccount = Entity.Get<UserAccount>(userAccount.Id);

    UserAccountStatusEnum_Enumeration expectedStatus = expectLockedOut
        ? UserAccountStatusEnum_Enumeration.Locked
        : status;

    Assert.That(userAccount.AccountStatus_Enum, Is.EqualTo(expectedStatus));
}
/// <summary>
/// Saves a user account with the given status and an enabled API key, sends a request that
/// carries the key through <c>ApiKeySecurity</c>, and expects HTTP 401 Unauthorized.
/// </summary>
/// <param name="accountStatus">Account status assigned to the test user.</param>
public void Test_UserAccount_Invalid(UserAccountStatusEnum_Enumeration accountStatus)
{
    string apiKey = "6cb36a1cd60e460bbbfce5af03eb9507"; // arbitrary fixture value
    string tenantName = RunAsDefaultTenant.DefaultTenantName;

    // Define key and user
    // NOTE(review): nothing visible here associates the user account with the API key. If
    // ApiKeySecurity rejects keys that have no account, the response is Unauthorized whatever
    // accountStatus is, and the status check is never exercised. Confirm the link is made.
    using (new TenantAdministratorContext(tenantName))
    {
        var userAccount = new UserAccount
        {
            Name = "Test user " + Guid.NewGuid(),
            AccountStatus_Enum = accountStatus,
            Password = "******"
        };
        userAccount.Save();

        var key = new ApiKey
        {
            Name = apiKey,
            ApiKeyEnabled = true
        };
        key.Save();
    }

    // Strict mocks with no setups: any call forwarded to the inner service or to the endpoint
    // resolver raises a mock exception instead of being silently accepted.
    var mockService = new Mock<IConnectorService>(MockBehavior.Strict);
    var mockEndpointResolver = new Mock<IEndpointResolver>(MockBehavior.Strict);
    IConnectorService apiKeyService = new ApiKeySecurity(
        mockService.Object,
        mockEndpointResolver.Object,
        Factory.EntityRepository);

    // Define request: the key travels in the "key" query-string parameter.
    var request = new ConnectorRequest
    {
        TenantName = tenantName,
        QueryString = new Dictionary<string, string>
        {
            { "key", apiKey }
        }
    };

    // Place request
    ConnectorResponse response = apiKeyService.HandleRequest(request);

    Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.Unauthorized));
    mockService.VerifyAll();
}
/// <summary>
/// Looks up a user account by name within a tenant and stores a new account status on it.
/// </summary>
/// <param name="userName">Name of the user whose account is updated.</param>
/// <param name="tenantName">Name of the tenant that owns the account.</param>
/// <param name="status">The status to store on the account.</param>
/// <returns>
/// True if the account was found and saved; false if the tenant name does not resolve to a
/// tenant id or no account with that name exists.
/// </returns>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="userName"/> or <paramref name="tenantName"/> is null or empty.
/// </exception>
private static bool SetAccountStatus(string userName, string tenantName, UserAccountStatusEnum_Enumeration status)
{
    if (string.IsNullOrEmpty(userName))
    {
        throw new ArgumentNullException("userName");
    }

    if (string.IsNullOrEmpty(tenantName))
    {
        throw new ArgumentNullException("tenantName");
    }

    // GetTenantId reports an unknown tenant as -1.
    long tenantId = TenantHelper.GetTenantId(tenantName);
    if (tenantId == -1)
    {
        return false;
    }

    // NOTE(review): the lookup and save run inside a TenantAdministratorContext, and no check
    // of the caller's permissions is visible in this method; presumably callers authorise the
    // status change before calling. Confirm.
    using (new TenantAdministratorContext(tenantId))
    {
        // Fetch the user account by its core:name field. Only the first match is updated.
        var nameField = new EntityRef("core", "name");
        UserAccount account = Entity.GetByField<UserAccount>(userName, true, nameField).FirstOrDefault();

        if (account == null)
        {
            return false;
        }

        account.AccountStatus_Enum = status;
        account.Save();
        return true;
    }
}