public void DInstruction_WhenAskedForKey_ReturnsEmail_ID() { //Arrange: An instruction with a unique key is constructed. DInstruction instruction = new DInstruction { Instruction_ID = -1 }; //Act: the key is retrieved. int key = instruction.key; //Assert: the key is the same as the friended user's ID. Assert.AreEqual(key, instruction.Instruction_ID); }
public void DInstructionWithSqlMembers_WhenScrubbed_BecomesSafe() { //Arrange: An instruction with malicious html and sql members is constructed. string malicious = "1');DELETE TABLE dbo.example;--"; DInstruction instruction = new DInstruction{ Description = malicious }; //Act: The friended user is scrubbed. instruction.Scrub(); //Assert: The friended user has no html in its members. Assert.AreNotEqual(malicious, instruction.Description); }
public void DInstructionWithHtmlMembers_WhenScrubbed_BecomesSafe() { //Arrange: An instruction with malicious sql members is constructed. string malicious = "<div></div>"; DInstruction instruction = new DInstruction{ Description = malicious }; //Act: The friended user is scrubbed. instruction.Scrub(); //Assert: The friended user has no html in its members. Assert.AreNotEqual(malicious, instruction.Description); }
public IEnumerable<DDrink> Instruction_Update(DInstruction updating, string username) { IDataRepository<DDrink> drinks = RepositoryFactory.Instance.Construct<DDrink>(username); IDataRepository<DInstruction> instructions; if((instructions = drinks.FirstOrDefault(x => updating.Drink_ID == x.Drink_ID) .instructions as IDataRepository<DInstruction>) != null){ //Drinks for instruction belong to the given user. instructions.Update(updating); } return drinks; }
public ActionResult Instruction_Create(DInstruction creating) { return View("Index"); }
public ActionResult Instruction_Update(DInstruction updating) { return View("Index"); }
public ActionResult Instruction_Delete(DInstruction deleting) { return View("Index"); }