public void An_Organization_Administrator_Can_Change_Name()
{
var controller = Mock();
controller.HttpContext.User = new RolePrincipal(new GenericIdentity(TestData.OrgAdminUsername));
var request = controller.Mock(x => x.ControllerContext.HttpContext.Request);
request.Setup(x => x.HttpMethod).Returns("POST");
var organization = new LinqMetaData().Organization.First(x => x.Users.Any(y => y.Username == controller.HttpContext.User.Identity.Name));
var oldName = organization.Name;
controller.RouteData.Values.Add("organizationId", organization.OrganizationId);
controller.RouteData.Values.Add("organizationModel", new OrganizationEntity
{
Name = "EPICCentralTest",
OrganizationType = OrganizationType.EndUser,
IsActive = true
});
controller.Invoke("Edit");
organization = new LinqMetaData().Organization.First(x => x.OrganizationId == organization.OrganizationId);
// test the rename was successful
Assert.AreEqual("EPICCentralTest", organization.Name);
// change it back
organization.Name = oldName;
organization.Save();
}
public ActionResult Register(RegisterModel model)
{
if (ModelState.IsValid)
{
// Get the restriction object with matching key and email address.
var accountRestriction = new LinqMetaData().AccountRestriction.First(u => u.RestrictionKey == model.RegistrationKey && u.EmailAddress == model.OriginalEmail);
if (accountRestriction == null)
{
throw new HttpException(404, SharedRes.Error.NotFound_User);
}
// It must be active and it must reference only ONE user object.
if (!accountRestriction.IsActive || accountRestriction.UserAccountRestrictions.Count != 1)
{
throw new HttpException(404, SharedRes.Error.NotFound_User);
}
// The user account must also be active.
if (!accountRestriction.UserAccountRestrictions[0].User.IsActive)
{
throw new HttpException(412, Account.Invalid_InactiveAccount);
}
// If there's a PIN required, the one in the form must match.
if (string.IsNullOrEmpty(accountRestriction.Parameters) || accountRestriction.Parameters == model.Pin.Trim())
{
var user = accountRestriction.UserAccountRestrictions[0].User;
// Attempt to register the user
MembershipCreateStatus createStatus;
Membership.CreateUser(model.UserName, model.Password, model.Email, null, null, true, user.UserId, out createStatus);
if (createStatus == MembershipCreateStatus.Success)
{
// Successfully created. Remove the join between the restriction and the user.
// Make the restriction inactive; it's kept around for auditing.
accountRestriction.UserAccountRestrictions[0].Delete();
accountRestriction.RemovalTime = DateTime.UtcNow;
accountRestriction.IsActive = false;
accountRestriction.Save();
// Set user to be authenticated and redirect to Home.
Global.FormsAuthentication.SetAuthCookie(model.UserName, false /* createPersistentCookie */);
return(RedirectToAction("Index", "Home"));
}
// Account creation error. Convert error code to message to display.
ModelState.AddModelError("", ErrorCodeToString(createStatus));
}
else
{
ModelState.AddModelError("", Account.Invalid_RegistrationPIN);
}
}
// If we got this far, something failed, redisplay form
return(View(model));
}
private static void Cleanup()
{
var user = new LinqMetaData().User.FirstOrDefault(x => x.Username == TestData.OrgAdminUsername);
var transaction = new Transaction(IsolationLevel.ReadCommitted, "reset");
EpicMembershipProvider.SetPassword(user, TestData.OrgAdminPassword, transaction);
transaction.Add(user);
user.Save();
transaction.Commit();
}
protected override void TestCleanup()
{
var device = new LinqMetaData().Device.FirstOrDefault();
Assert.IsNotNull(device);
device.DeviceState = DeviceState.Active;
device.Save();
base.TestCleanup();
}
public void Role_Change_Takes_Effect_Immediately()
{
// create the test user
Create_Edit_User(TestData.ServiceAdminUsername, true);
var testUser = new LinqMetaData().User.FirstOrDefault(x => x.FirstName == TestValues["FirstName"]);
Assert.IsNotNull(testUser);
// remove the restriction on the user account, this is faster than going through the registration process
testUser.Username = "******";
testUser.UserAccountRestrictions.DeleteMulti();
testUser.Save();
// check the menu
var menuController = Mock <MenuController>();
menuController.RouteData.DataTokens.Add("ParentActionViewContext", MockObjects.MockExtensions.Mock <ControllerContext>());
menuController.HttpContext.User = new RolePrincipal(new GenericIdentity("TestUser1"));
menuController.Invoke("ListMenu");
var originalMenu = menuController.Response.Output.ToString();
// change the role
var controller = Mock();
controller.HttpContext.User = new RolePrincipal(new GenericIdentity(TestData.ServiceAdminUsername));
var request = controller.Mock(x => x.ControllerContext.HttpContext.Request);
request.Setup(x => x.HttpMethod).Returns("POST");
// set the userId
controller.RouteData.Values.Add("userId", testUser.UserId);
// set the role to something else
TestValues["Role"] = OrganizationUtils.GetAllowedRoles(testUser.OrganizationId)
.First(x => !testUser.Roles.Any(y => y.RoleId == x.RoleId)).RoleId.ToString(CultureInfo.InvariantCulture);
request.SetupGet(x => x.Form).Returns(() => TestValues);
controller.Invoke("Edit");
testUser = new LinqMetaData().User.FirstOrDefault(x => x.FirstName == TestValues["FirstName"]);
Assert.IsNotNull(testUser);
// make sure the role has changed
Assert.AreEqual(testUser.Roles.First().RoleId.ToString(CultureInfo.InvariantCulture), TestValues["Role"]);
// make sure menu items have changed
menuController = Mock <MenuController>();
menuController.RouteData.DataTokens.Add("ParentActionViewContext", MockObjects.MockExtensions.Mock <ControllerContext>());
menuController.HttpContext.User = new RolePrincipal(new GenericIdentity("TestUser1"));
menuController.Invoke("ListMenu");
var newMenu = menuController.Response.Output.ToString();
Assert.AreNotEqual(originalMenu, newMenu);
}
protected override void TestCleanup()
{
// remove old devices
new LinqMetaData().Device.Where(x => x.SerialNumber == "DeviceTest" || x.SerialNumber == "DeviceTest1")
.ToList().ForEach(x =>
{
x.PurchaseHistories.DeleteMulti();
x.Delete();
});
var setting = new LinqMetaData().SystemSetting.Single(x => x.Name == "Enabled");
setting.Value = "True";
setting.Save();
// remove old rates
new LinqMetaData().ScanRate.Where(x => x.RatePerScan == (decimal)12345.67).ToList().ForEach(x => x.Delete());
}
public ActionResult ResetCompletion(ResetCompletionModel model)
{
if (ModelState.IsValid)
{
// Get the restriction object with matching key and email address.
var accountRestriction = new LinqMetaData().AccountRestriction.First(u => u.RestrictionKey == model.ResetKey && u.EmailAddress == model.OriginalEmail);
if (accountRestriction == null)
{
throw new HttpException(404, SharedRes.Error.NotFound_User);
}
// It must be active.
if (!accountRestriction.IsActive)
{
throw new HttpException(404, SharedRes.Error.NotFound_User);
}
if (model.Step == 1)
{
var user = accountRestriction.UserAccountRestrictions.Where(r => r.User.Username == model.UserName).Select(u => u.User).ToArray()[0];
if (!user.IsActive)
{
throw new HttpException(404, SharedRes.Error.NotFound_User);
}
model.Step = 2;
}
else
{
// NOTE: Presently validating presence of password here because it can't be required for
// step 1. Need to fix this so the standard validation can be used.
if (!string.IsNullOrWhiteSpace(model.Password))
{
if (accountRestriction.UserAccountRestrictions.Any(r => r.User.Username == model.UserName))
{
var user = Membership.GetUser(model.UserName);
if (user != null && !user.IsLockedOut)
{
if (user.SetPassword(model.Password))
{
// Successfully rest. Remove the joins between the restriction and the users.
// Make the restriction inactive; it's kept around for auditing.
foreach (var restriction in accountRestriction.UserAccountRestrictions)
{
restriction.Delete();
}
accountRestriction.RemovalTime = DateTime.UtcNow;
accountRestriction.IsActive = false;
accountRestriction.Save();
return(RedirectToAction("ResetCompletionSuccess"));
}
ModelState.AddModelError("", Account.Error_PasswordResetFailed);
}
else
{
ModelState.AddModelError("", Account.Invalid_AccountLocked);
}
}
else
{
throw new HttpException(404, SharedRes.Error.NotFound_User);
}
}
else
{
ModelState.AddModelError("", Account.Invalid_PasswordNotSpecified);
}
}
}
ModelState.SetModelValue("Step", new ValueProviderResult(null, null, null));
return(View(model));
}
