/// <summary>
/// Posting an attachment whose filename is 301 characters long must be answered with 400 Bad Request.
/// </summary>
public async Task CreateAttachment_ValidationError_ShouldReturn400()
{
    // Arrange
    var note = await WolkDbContext.CreateAndSaveNote();
    var payload = new byte[] { 1, 2, 3, 4 };
    // 301 characters: presumably one past the server-side filename limit -- confirm against the validator.
    var overlongFilename = new string('a', 301);
    var model = new MutateAttachmentModel
    {
        Filename = overlongFilename,
        Base64Contents = Convert.ToBase64String(payload)
    };
    var json = JsonConvert.SerializeObject(model);
    var request = new HttpRequestMessage(HttpMethod.Post, $"/api/note/{note.Id}/attachments")
    {
        Content = new StringContent(json, Encoding.UTF8, MimeTypes.Json)
    };
    // A valid bearer token is attached, so the expected 400 comes from input validation
    // rather than from the request being unauthenticated.
    request.AddJwtBearer(await GetJwt());

    // Act
    using var response = await HttpClient.SendAsync(request);

    // Assert
    Assert.AreEqual(HttpStatusCode.BadRequest, response.StatusCode);
}
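/// <summary>
/// GET /api/notebook with a bearer token returns 200 and exactly the two saved notebooks,
/// in the order they were saved.
/// </summary>
public async Task GetAll_HappyFlow()
{
    // Arrange
    var notebook1 = await WolkDbContext.CreateAndSaveNotebook();
    var notebook2 = await WolkDbContext.CreateAndSaveNotebook();
    var url = "/api/notebook";
    var request = new HttpRequestMessage(HttpMethod.Get, url);
    var token = await GetJwt();
    request.AddJwtBearer(token);

    // Act
    using var response = await HttpClient.SendAsync(request);

    // Assert
    Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);
    var content = await response.Content.ReadAsStringAsync();
    var notebooks = JsonConvert.DeserializeObject<NotebookDto[]>(content);

    // Pin the count before indexing: a short response fails as a readable assertion instead of
    // an IndexOutOfRangeException, and a response carrying extra notebooks is caught as well.
    // This mirrors the length check in GetAllAttachments_HappyFlow.
    Assert.AreEqual(2, notebooks.Length);
    ShouldBeEqual(notebook1, notebooks[0]);
    ShouldBeEqual(notebook2, notebooks[1]);
}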
/// <summary>
/// Listing the attachments of one note returns 200 and only that note's attachments.
/// </summary>
public async Task GetAllAttachments_HappyFlow()
{
    // Arrange
    var targetNote = await WolkDbContext.CreateAndSaveNote();
    var otherNote = await WolkDbContext.CreateAndSaveNote();
    var firstOfTarget = await WolkDbContext.CreateAndSaveAttachment(targetNote);
    // Belongs to the other note; it is never asserted on and must not show up in the listing.
    var ofOtherNote = await WolkDbContext.CreateAndSaveAttachment(otherNote);
    var secondOfTarget = await WolkDbContext.CreateAndSaveAttachment(targetNote);
    var request = new HttpRequestMessage(HttpMethod.Get, $"/api/note/{targetNote.Id}/attachments");
    request.AddJwtBearer(await GetJwt());

    // Act
    using var response = await HttpClient.SendAsync(request);

    // Assert
    Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);
    var body = await response.Content.ReadAsStringAsync();
    var attachments = JsonConvert.DeserializeObject<AttachmentDto[]>(body);

    // Exactly two entries: the attachment saved for the other note is filtered out.
    Assert.AreEqual(2, attachments.Length);
    ShouldBeEqual(firstOfTarget, attachments[0]);
    ShouldBeEqual(secondOfTarget, attachments[1]);
}
/// <summary>
/// PUT /api/note/{id} with new title, content and notebook returns 204 and the note matches the model.
/// </summary>
public async Task Update_HappyFlow()
{
    // Arrange
    var originalNotebook = await WolkDbContext.CreateAndSaveNotebook();
    var targetNotebook = await WolkDbContext.CreateAndSaveNotebook();
    var note = await WolkDbContext.CreateAndSaveNote(originalNotebook);
    var url = $"/api/note/{note.Id}";
    // Random title and content so the assertion cannot pass on values left over from setup.
    var model = new MutateNoteModel
    {
        Title = Guid.NewGuid().ToString(),
        Content = Guid.NewGuid().ToString(),
        NotebookId = targetNotebook.Id,
        NoteType = NoteType.Markdown
    };
    var json = JsonConvert.SerializeObject(model);
    var request = new HttpRequestMessage(HttpMethod.Put, url)
    {
        Content = new StringContent(json, Encoding.UTF8, MimeTypes.Json)
    };
    request.AddJwtBearer(await GetJwt());

    // Act
    using var response = await HttpClient.SendAsync(request);

    // Assert
    Assert.AreEqual(HttpStatusCode.NoContent, response.StatusCode);
    // Compares the entity instance held by the test; presumably the server writes through the
    // same tracked instance -- confirm, otherwise this would compare stale data.
    ShouldBeEqual(note, model);
}
/// <summary>
/// PUT /api/notebook/{id} with a new name returns 204 and the notebook carries the new name.
/// </summary>
public async Task Update_HappyFlow()
{
    // Arrange
    var notebook = await WolkDbContext.CreateAndSaveNotebook();
    var url = $"/api/notebook/{notebook.Id}";
    // Random name so the assertion cannot pass on the name assigned during setup.
    var model = new MutateNotebookModel { Name = Guid.NewGuid().ToString() };
    var json = JsonConvert.SerializeObject(model);
    var request = new HttpRequestMessage(HttpMethod.Put, url)
    {
        Content = new StringContent(json, Encoding.UTF8, MimeTypes.Json)
    };
    request.AddJwtBearer(await GetJwt());

    // Act
    using var response = await HttpClient.SendAsync(request);

    // Assert
    Assert.AreEqual(HttpStatusCode.NoContent, response.StatusCode);
    // Reads the entity instance held by the test; presumably the server updates that same
    // tracked instance -- confirm.
    Assert.AreEqual(model.Name, notebook.Name);
}
/// <summary>
/// POST /api/note for an existing notebook returns 201 and a DTO equal to the single stored note.
/// </summary>
public async Task Create_HappyFlow()
{
    // Arrange
    var url = "/api/note";
    var notebook = await WolkDbContext.CreateAndSaveNotebook();
    var model = new MutateNoteModel
    {
        Title = Guid.NewGuid().ToString(),
        Content = Guid.NewGuid().ToString(),
        NotebookId = notebook.Id,
        NoteType = NoteType.Markdown
    };
    var json = JsonConvert.SerializeObject(model);
    var request = new HttpRequestMessage(HttpMethod.Post, url)
    {
        Content = new StringContent(json, Encoding.UTF8, MimeTypes.Json)
    };
    request.AddJwtBearer(await GetJwt());

    // Act
    using var response = await HttpClient.SendAsync(request);

    // Assert
    Assert.AreEqual(HttpStatusCode.Created, response.StatusCode);
    var body = await response.Content.ReadAsStringAsync();
    var returnedNote = JsonConvert.DeserializeObject<NoteDto>(body);
    // SingleAsync also asserts that exactly one note exists after the call.
    var storedNote = await WolkDbContext.Notes.SingleAsync();
    ShouldBeEqual(storedNote, returnedNote);
}
/// <summary>
/// Fetching an attachment through a stored access token returns 200 and the file's bytes.
/// </summary>
public async Task GetAttachmentByAccessToken_HappyFlow()
{
    // Arrange
    var attachment = await WolkDbContext.CreateAndSaveAttachment();
    var storedAccessToken = await WolkDbContext.CreateAndSaveAttachmentAccessToken(attachment);
    var tokenValue = storedAccessToken.Token;
    // NOTE(review): the route carries attachment.Id + 1 and a hard-coded note id, yet 200 is expected.
    // As written, the lookup appears to be keyed on the access token alone; confirm that is intended
    // and that a token issued for one attachment can never resolve to a different one.
    var url = $"/api/note/1/attachments/{attachment.Id + 1}/accessTokens/{tokenValue}";
    var request = new HttpRequestMessage(HttpMethod.Get, url);
    // The request also carries a JWT, so this test does not show whether the access token
    // on its own is accepted for an unauthenticated caller.
    var bearer = await GetJwt();
    request.AddJwtBearer(bearer);
    var storedPath = Path.Combine(UploadsRootPath, attachment.InternalFilename);
    var expectedBytes = new byte[] { 3, 4, 1, 6, 12 };
    EnsureFileExists(storedPath, expectedBytes);

    // Act
    using var response = await HttpClient.SendAsync(request);

    // Assert
    Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);
    var receivedBytes = await response.Content.ReadAsByteArrayAsync();
    Assert.IsTrue(expectedBytes.SequenceEqual(receivedBytes));
}
/// <summary>
/// POST /api/note that references a notebook id which was never saved returns 400 Bad Request.
/// </summary>
public async Task Create_NotebookNotFound_ShouldReturn400()
{
    // Arrange
    var url = "/api/note";
    var notebook = await WolkDbContext.CreateAndSaveNotebook();
    // One past the only saved notebook's id, i.e. an id no notebook was saved with in this test.
    var missingNotebookId = notebook.Id + 1;
    var model = new MutateNoteModel
    {
        Title = Guid.NewGuid().ToString(),
        Content = Guid.NewGuid().ToString(),
        NotebookId = missingNotebookId,
        NoteType = NoteType.Markdown
    };
    var json = JsonConvert.SerializeObject(model);
    var request = new HttpRequestMessage(HttpMethod.Post, url)
    {
        Content = new StringContent(json, Encoding.UTF8, MimeTypes.Json)
    };
    request.AddJwtBearer(await GetJwt());

    // Act
    using var response = await HttpClient.SendAsync(request);

    // Assert
    Assert.AreEqual(HttpStatusCode.BadRequest, response.StatusCode);
}
/// <summary>
/// A successful sign-in for a user stored with the deprecated password hash returns 200 and
/// replaces the stored hash with one that verifies under <c>PasswordHasher</c>.
/// </summary>
public async Task Authenticate_CredentialsCorrect_RehashPassword()
{
    // Arrange
    var pass = "******";
    var legacyHash = PasswordUtilities.CreateDeprecatedPasswordHash(pass);
    var url = "/api/user/authenticate";
    // Seed the user with the deprecated hash so sign-in has something to upgrade.
    var user = await WolkDbContext.CreateAndSaveUser(u => u.PasswordHash = legacyHash);
    var model = new SignInModel { Email = user.Email, Password = pass };
    var json = JsonConvert.SerializeObject(model);
    var request = new HttpRequestMessage(HttpMethod.Post, url)
    {
        Content = new StringContent(json, Encoding.UTF8, MimeTypes.Json)
    };

    // Act
    using var response = await HttpClient.SendAsync(request);

    // Assert
    Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);

    // Check that the password hash has changed
    Assert.AreNotEqual(legacyHash, user.PasswordHash);

    // Success (rather than SuccessRehashNeeded) means the replacement hash is already in the
    // hasher's current format and the same password still verifies against it.
    var hasher = new PasswordHasher<Domain.Entities.User>();
    var verification = hasher.VerifyHashedPassword(user, user.PasswordHash, pass);
    Assert.AreEqual(PasswordVerificationResult.Success, verification);
}
/// <summary>
/// Returns a JWT for <paramref name="user"/>, created by the <c>IJwtManager</c> resolved from the
/// service provider.
/// </summary>
/// <param name="user">The user to issue the token for; when null, a new user is created and saved first.</param>
/// <returns>The token string produced by <c>IJwtManager.CreateJwt</c>.</returns>
protected async Task<string> GetJwt(User user = null)
{
    // Fall back to a freshly saved user so callers that only need "some authenticated caller"
    // do not have to create one themselves.
    User subject = user == null ? await WolkDbContext.CreateAndSaveUser() : user;

    var manager = ServiceProvider.GetService<IJwtManager>();
    return manager.CreateJwt(subject);
}
/// <summary>
/// Signing in with correct credentials returns 200, the user's id and email, and a token that
/// validates against the configured secret, names the user in its "sub" claim and is accepted
/// by GET /api/notebook.
/// </summary>
public async Task Authenticate_CredentialsCorrect()
{
    // Arrange
    var signInUrl = "/api/user/authenticate";
    var user = await WolkDbContext.CreateAndSaveUser();
    var model = new SignInModel { Email = user.Email, Password = "******" };
    var json = JsonConvert.SerializeObject(model);
    var signInRequest = new HttpRequestMessage(HttpMethod.Post, signInUrl)
    {
        Content = new StringContent(json, Encoding.UTF8, MimeTypes.Json)
    };

    // Act
    using var response = await HttpClient.SendAsync(signInRequest);

    // Assert
    Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);
    var body = await response.Content.ReadAsStringAsync();
    var viewModel = JsonConvert.DeserializeObject<SignedInViewModel>(body);
    Assert.AreEqual(user.Id, viewModel.Id);
    Assert.AreEqual(user.Email, viewModel.Email);

    // Without this the handler would rename "sub" on the way in and the claim lookup below
    // would find nothing. The map is a process-wide static, so clearing it also affects any
    // token handler created later in the same test process.
    JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

    // Issuer and audience checks are switched off, so this validates the token against the
    // configured signing secret but says nothing about its iss/aud values.
    var validationParameters = new TokenValidationParameters
    {
        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(IdentityConfiguration.JwtSecret)),
        ValidateAudience = false,
        ValidateIssuer = false
    };
    var principal = new JwtSecurityTokenHandler().ValidateToken(viewModel.Token, validationParameters, out _);
    var subject = principal.Claims.Single(c => c.Type == "sub").Value;
    Assert.AreEqual(user.Id.ToString(), subject);

    // Act: do a call to get all notebooks with correct user token
    var notebookRequest = new HttpRequestMessage(HttpMethod.Get, "/api/notebook");
    notebookRequest.AddJwtBearer(viewModel.Token);
    using var notebookResponse = await HttpClient.SendAsync(notebookRequest);

    // Assert
    Assert.IsTrue(notebookResponse.IsSuccessStatusCode);
}
/// <summary>
/// DELETE /api/note/{id} for an id no note was saved with returns 404 Not Found.
/// </summary>
public async Task Delete_NoteNotFound_ShouldReturn404()
{
    // Arrange
    var existingNote = await WolkDbContext.CreateAndSaveNote();
    // One past the only saved note's id, so the route points at a note that does not exist.
    var request = new HttpRequestMessage(HttpMethod.Delete, $"/api/note/{existingNote.Id + 1}");
    request.AddJwtBearer(await GetJwt());

    // Act
    using var response = await HttpClient.SendAsync(request);

    // Assert
    Assert.AreEqual(HttpStatusCode.NotFound, response.StatusCode);
}
/// <summary>
/// DELETE /api/note/{id} for an existing note returns 204 and leaves no notes in the database.
/// </summary>
public async Task Delete_HappyFlow()
{
    // Arrange
    var note = await WolkDbContext.CreateAndSaveNote();
    var request = new HttpRequestMessage(HttpMethod.Delete, $"/api/note/{note.Id}");
    request.AddJwtBearer(await GetJwt());

    // Act
    using var response = await HttpClient.SendAsync(request);

    // Assert
    Assert.AreEqual(HttpStatusCode.NoContent, response.StatusCode);
    var anyNoteLeft = await WolkDbContext.Notes.AnyAsync();
    Assert.IsFalse(anyNoteLeft);
}
/// <summary>
/// Registering with an email address that already belongs to a saved user returns 409 Conflict.
/// </summary>
public async Task Register_EmailAlreadyExists_ShouldReturn409()
{
    // Arrange
    var existingUser = await WolkDbContext.CreateAndSaveUser();
    var url = "/api/user";
    var command = new CreateUserCommand { Email = existingUser.Email, Password = "******" };
    var json = JsonConvert.SerializeObject(command);
    // No bearer token is attached: registration is exercised as an anonymous call.
    var request = new HttpRequestMessage(HttpMethod.Post, url)
    {
        Content = new StringContent(json, Encoding.UTF8, MimeTypes.Json)
    };

    // Act
    using var response = await HttpClient.SendAsync(request);

    // Assert
    // NOTE(review): a distinct 409 tells an anonymous caller that the address is already
    // registered; confirm that disclosure is acceptable for the intended deployment.
    Assert.AreEqual(HttpStatusCode.Conflict, response.StatusCode);
}
/// <summary>
/// Signing in with a wrong password for an existing user returns 401 Unauthorized.
/// </summary>
public async Task Authenticate_CredentialsIncorrect_ShouldReturn401()
{
    // Arrange
    var url = "/api/user/authenticate";
    var user = await WolkDbContext.CreateAndSaveUser();
    // NOTE(review): the password literal is masked in this listing; the test is only meaningful
    // if it differs from the password CreateAndSaveUser assigns -- verify in the real file.
    var model = new SignInModel { Email = user.Email, Password = "******" };
    var json = JsonConvert.SerializeObject(model);
    var request = new HttpRequestMessage(HttpMethod.Post, url)
    {
        Content = new StringContent(json, Encoding.UTF8, MimeTypes.Json)
    };

    // Act
    using var response = await HttpClient.SendAsync(request);

    // Assert
    Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode);
}
/// <summary>
/// Requesting an attachment with an access token value that was never stored returns 404 Not Found.
/// </summary>
public async Task GetAttachmentByAccessToken_AttachmentNotFound_ShouldReturn404()
{
    // Arrange
    var attachment = await WolkDbContext.CreateAndSaveAttachment();
    var storedAccessToken = await WolkDbContext.CreateAndSaveAttachmentAccessToken(attachment);
    // Appending a character yields a token value that does not match the stored one.
    var unknownToken = storedAccessToken.Token + "1";
    // The attachment id in the route is off by one as well, exactly as in the happy-flow test,
    // so the altered token is the only difference between the two requests.
    var url = $"/api/note/1/attachments/{attachment.Id + 1}/accessTokens/{unknownToken}";
    var request = new HttpRequestMessage(HttpMethod.Get, url);
    var bearer = await GetJwt();
    request.AddJwtBearer(bearer);

    // Act
    using var response = await HttpClient.SendAsync(request);

    // Assert
    Assert.AreEqual(HttpStatusCode.NotFound, response.StatusCode);
}
/// <summary>
/// A token obtained by a successful sign-in is rejected with 401 once its user has been deleted.
/// </summary>
public async Task Authenticate_CredentialsCorrect_UserIsDeleted_ShouldReturn401()
{
    // Arrange
    var signInUrl = "/api/user/authenticate";
    var user = await WolkDbContext.CreateAndSaveUser();
    var model = new SignInModel { Email = user.Email, Password = "******" };
    var json = JsonConvert.SerializeObject(model);
    var signInRequest = new HttpRequestMessage(HttpMethod.Post, signInUrl)
    {
        Content = new StringContent(json, Encoding.UTF8, MimeTypes.Json)
    };

    // Act
    using var response = await HttpClient.SendAsync(signInRequest);

    // Assert
    Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);
    var body = await response.Content.ReadAsStringAsync();
    var viewModel = JsonConvert.DeserializeObject<SignedInViewModel>(body);

    // Act: delete user
    WolkDbContext.Users.Remove(user);
    await WolkDbContext.SaveChangesAsync();

    // Act: do a call to get all notebooks with "deleted" user token
    // The token was issued moments ago, so a 401 here shows the server checks that the account
    // still exists instead of trusting the token by itself.
    var notebookRequest = new HttpRequestMessage(HttpMethod.Get, "/api/notebook");
    notebookRequest.AddJwtBearer(viewModel.Token);
    using var notebookResponse = await HttpClient.SendAsync(notebookRequest);

    // Assert
    Assert.AreEqual(HttpStatusCode.Unauthorized, notebookResponse.StatusCode);
}
/// <summary>
/// Creating an access token for an attachment returns 201 with a GUID-formatted token and the
/// requested expiry, and stores exactly one matching token.
/// </summary>
public async Task CreateAttachmentAccessToken_HappyFlow()
{
    // Arrange
    var attachment = await WolkDbContext.CreateAndSaveAttachment();
    // A fixed 2019 timestamp: the test checks that the expiry round-trips, not that an
    // expired token is refused when it is later presented.
    var expiry = new DateTimeOffset(2019, 12, 31, 23, 0, 0, TimeSpan.FromHours(2));
    var model = new MutateAttachmentAccessTokenModel { ExpirationDateTime = expiry };
    var url = $"/api/note/{attachment.NoteId}/attachments/{attachment.Id}/accessTokens";
    var json = JsonConvert.SerializeObject(model);
    var request = new HttpRequestMessage(HttpMethod.Post, url)
    {
        Content = new StringContent(json, Encoding.UTF8, MimeTypes.Json)
    };
    request.AddJwtBearer(await GetJwt());

    // Act
    using var response = await HttpClient.SendAsync(request);

    // Assert
    Assert.AreEqual(HttpStatusCode.Created, response.StatusCode);
    var body = await response.Content.ReadAsStringAsync();
    var returnedToken = JsonConvert.DeserializeObject<AccessTokenResultDto>(body);
    Assert.AreEqual(model.ExpirationDateTime, returnedToken.ExpirationDateTime);

    // Only the format is pinned here. NOTE(review): how the server generates the value is not
    // visible from this test; confirm it comes from a source suitable for a bearer secret.
    var looksLikeGuid = Guid.TryParse(returnedToken.Token, out _);
    Assert.IsTrue(looksLikeGuid);

    // SingleAsync also asserts that exactly one access token was stored.
    var storedToken = await WolkDbContext.AccessTokens.SingleAsync();
    Assert.AreEqual(returnedToken.Token, storedToken.Token);
    Assert.AreEqual(returnedToken.ExpirationDateTime, storedToken.ExpirationDateTime);
}
/// <summary>
/// Deleting an attachment returns 204, removes the database row and leaves no file in the mock file service.
/// </summary>
public async Task Delete_HappyFlow()
{
    // Arrange
    var attachment = await WolkDbContext.CreateAndSaveAttachment();
    // The note id in the route is hard-coded; presumably it matches the note created for the
    // attachment -- confirm against CreateAndSaveAttachment.
    var request = new HttpRequestMessage(HttpMethod.Delete, $"/api/note/1/attachments/{attachment.Id}");
    request.AddJwtBearer(await GetJwt());
    // Put a file at the attachment's storage path so the final count check can observe its removal.
    var storedPath = Path.Combine(UploadsRootPath, attachment.InternalFilename);
    EnsureFileExists(storedPath);

    // Act
    using var response = await HttpClient.SendAsync(request);

    // Assert
    Assert.AreEqual(HttpStatusCode.NoContent, response.StatusCode);
    var anyAttachmentLeft = await WolkDbContext.Attachments.AnyAsync();
    Assert.IsFalse(anyAttachmentLeft);
    Assert.AreEqual(0, MockFileService.Files.Count);
}
/// <summary>
/// Registering a new email address returns 204 and stores a user whose password verifies.
/// </summary>
public async Task Register_HappyFlow()
{
    // Arrange
    // A user already exists before the call; the test never refers to it again.
    _ = await WolkDbContext.CreateAndSaveUser();
    var url = "/api/user";
    var command = new CreateUserCommand { Email = "*****@*****.**", Password = "******" };
    var json = JsonConvert.SerializeObject(command);
    // No bearer token is attached: registration is exercised as an anonymous call.
    var request = new HttpRequestMessage(HttpMethod.Post, url)
    {
        Content = new StringContent(json, Encoding.UTF8, MimeTypes.Json)
    };

    // Act
    using var response = await HttpClient.SendAsync(request);

    // Assert
    Assert.AreEqual(HttpStatusCode.NoContent, response.StatusCode);
    var registeredUser = await WolkDbContext.Users.SingleAsync(u => u.Email == command.Email);
    AssertCorrectPassword(registeredUser, command.Password);
}
/// <summary>
/// Registering a user is answered with 400 Bad Request and a "registration not allowed" message.
/// </summary>
public async Task Register_RegistrationTurnedOff_ShouldReturn400()
{
    // Arrange
    // NOTE(review): the request is built exactly as in Register_HappyFlow; whatever disables
    // registration (presumably test-class configuration) is not visible in this method.
    _ = await WolkDbContext.CreateAndSaveUser();
    var url = "/api/user";
    var command = new CreateUserCommand { Email = "*****@*****.**", Password = "******" };
    var json = JsonConvert.SerializeObject(command);
    var request = new HttpRequestMessage(HttpMethod.Post, url)
    {
        Content = new StringContent(json, Encoding.UTF8, MimeTypes.Json)
    };

    // Act
    using var response = await HttpClient.SendAsync(request);

    // Assert
    Assert.AreEqual(HttpStatusCode.BadRequest, response.StatusCode);
    var body = await response.Content.ReadAsStringAsync();
    // The expected text is matched literally, spelling included, so it has to stay in step
    // with whatever message the server emits.
    var mentionsDisabledRegistration = body.Contains("User registration not allowed according to condiguration.");
    Assert.IsTrue(mentionsDisabledRegistration);
}
/// <summary>
/// Uploading a Base64-encoded attachment to a note returns 201, a DTO equal to the single
/// stored attachment, and exactly one file in the mock file service.
/// </summary>
public async Task CreateAttachment_HappyFlow()
{
    // Arrange
    var note = await WolkDbContext.CreateAndSaveNote();
    var payload = new byte[] { 1, 2, 3, 4 };
    var model = new MutateAttachmentModel
    {
        Filename = "file.txt",
        Base64Contents = Convert.ToBase64String(payload)
    };
    var json = JsonConvert.SerializeObject(model);
    var request = new HttpRequestMessage(HttpMethod.Post, $"/api/note/{note.Id}/attachments")
    {
        Content = new StringContent(json, Encoding.UTF8, MimeTypes.Json)
    };
    request.AddJwtBearer(await GetJwt());

    // Act
    using var response = await HttpClient.SendAsync(request);

    // Assert
    Assert.AreEqual(HttpStatusCode.Created, response.StatusCode);
    var body = await response.Content.ReadAsStringAsync();
    var returnedAttachment = JsonConvert.DeserializeObject<AttachmentDto>(body);
    // SingleAsync also asserts that exactly one attachment row exists after the upload.
    var storedAttachment = await WolkDbContext.Attachments.SingleAsync();
    ShouldBeEqual(storedAttachment, returnedAttachment);
    Assert.AreEqual(1, MockFileService.Files.Count);
}
/// <summary>
/// Uploading the bundled backup zip returns 204 and leaves the database holding exactly the
/// access token, attachment, notebooks, notes and user contained in that backup.
/// </summary>
public async Task UploadBackup_ShouldRestoreEntitiesCorrectly()
{
    // Arrange
    // Ten notes exist up front; the note count asserted below shows that the restore
    // replaces existing rows rather than adding to them.
    for (var created = 0; created < 10; created++)
    {
        await WolkDbContext.CreateAndSaveNote();
    }

    var url = "/api/backup";
    var zipPath = Path.Combine(AssemblyHelper.GetExecutingAssemblyRootPath(), "Files", "wolk-backup.zip");
    var model = new UploadBackupModel { ZipBytes = File.ReadAllBytes(zipPath) };
    var json = JsonConvert.SerializeObject(model);
    var request = new HttpRequestMessage(HttpMethod.Post, url)
    {
        Content = new StringContent(json, Encoding.UTF8, MimeTypes.Json)
    };
    // NOTE(review): the caller is an ordinary user created by GetJwt. Since the restore also
    // replaces the users table (see the last assertion), confirm which callers the endpoint
    // is meant to accept; nothing in this test restricts it beyond a valid JWT.
    request.AddJwtBearer(await GetJwt());

    // Act
    using var response = await HttpClient.SendAsync(request);

    // Assert
    Assert.AreEqual(HttpStatusCode.NoContent, response.StatusCode);

    // Assert access tokens
    var accessToken = await WolkDbContext.AccessTokens.SingleAsync();
    Assert.AreEqual("1b7d6a57-a464-47c3-9ec7-e5a30403d8c7", accessToken.Token);
    Assert.AreEqual("1", accessToken.Identifier);

    // Assert attachments
    var attachment = await WolkDbContext.Attachments.SingleAsync();
    Assert.AreEqual("b2e6ba68-4597-4404-a078-bee38e4085c8", attachment.InternalFilename);
    Assert.AreEqual(235567, attachment.FileSize);
    Assert.AreEqual("id.png", attachment.Filename);
    Assert.AreEqual(1, attachment.NoteId);

    // Assert notebooks
    var expectedNotebookNames = new[] { "Test notebook 1", "Test notebook 2" };
    var notebooks = await WolkDbContext.Notebooks.ToArrayAsync();
    Assert.AreEqual(2, notebooks.Length);
    Assert.IsTrue(notebooks.All(n => expectedNotebookNames.Contains(n.Name)));

    // Assert notes
    var expectedNoteTitles = new[] { "Markdown test", "Plain text test", "Sticky notes test", "Todo.txt test" };
    var notes = await WolkDbContext.Notes.ToArrayAsync();
    Assert.AreEqual(4, notes.Length);
    Assert.IsTrue(notes.All(n => expectedNoteTitles.Contains(n.Title)));

    // Assert users
    // SingleAsync passing means the user that authenticated the upload is gone as well.
    var user = await WolkDbContext.Users.SingleAsync();
    Assert.AreEqual("*****@*****.**", user.Email);
}