public void TestAddToUserRequestHistoryFromManipulator()
{
var user = Manipulator.GetUsersWhere("Email=\"msn\"")[0];
List <PreviousUserRequest> emptyRequests = new List <PreviousUserRequest>();
Assert.AreEqual(0, emptyRequests.Count);
List <PreviousUserRequest> appendedTo = new List <PreviousUserRequest>();
appendedTo.Add(new PreviousUserRequest()
{
Request = new RequestString()
{
Company = 1, Type = "Join"
}
});
appendedTo[0].Request.CalculateMD5();
user.EncodeRequests(appendedTo);
byte[] requestHistory = user.RequestHistory;
user.DecodeRequests();
Manipulator.UpdateUserPreviousRequests(user);
user = Manipulator.GetUsersWhere("Email=\"msn\"")[0];
Assert.AreEqual(requestHistory.Length, user.RequestHistory.Length);
for (int i = 0; i < requestHistory.Length; i++)
{
Assert.AreEqual(requestHistory[i], user.RequestHistory[i]);
}
emptyRequests = user.DecodeRequests();
Assert.AreEqual(1, emptyRequests.Count);
}
public void TestValidReport()
{
using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
{
manipulator.Connect(TestingConstants.ConnectionString);
var reportedUser = manipulator.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser2.Email))[0];
try
{
reportedUser.UpdateSettings(UserSettingsEntryKeys.DisplayName, "TerribleName");
Assert.IsTrue(manipulator.UpdateUsersSettings(reportedUser));
NetTestingUserUtils.AuthenticateTestingUser(TestingUserStorage.ValidUser1, manipulator);
var reportingUser = manipulator.GetUsersWhere(
string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email)
)[0];
var loginTokens = UserVerificationUtil.ExtractLoginTokens(reportingUser);
object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
TestingUserStorage.ValidUser1.ConstructReportMessage(
reportingUser.UserId,
loginTokens.LoginToken,
loginTokens.AuthToken,
"TerribleName"
), "POST"
);
var ctx = contextAndRequest[0] as HttpListenerContext;
var req = contextAndRequest[1] as HttpWebRequest;
HttpWebResponse resp = null;
TestApi.POST(ctx);
try {
resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
} catch (WebException) {
Assert.Fail("Received an error message when one was not expected");
}
Assert.AreEqual(HttpStatusCode.OK, resp.StatusCode);
reportedUser = manipulator.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser2.Email))[0];
var reportedUserSettings = JsonDataObjectUtil <List <UserSettingsEntry> > .ParseObject(reportedUser.Settings);
bool foundDisplayName = false;
foreach (UserSettingsEntry entry in reportedUserSettings)
{
if (entry.Key == UserSettingsEntryKeys.DisplayName)
{
foundDisplayName = true;
Assert.AreEqual("Default User " + reportedUser.UserId, entry.Value);
break;
}
}
Assert.IsTrue(foundDisplayName);
} finally
{
reportedUser.Settings = OverallUser.GenerateDefaultSettings();
Assert.IsTrue(manipulator.UpdateUsersSettings(reportedUser));
}
}
}
public void TestUnauthorizedOnNonLoggedInUser()
{
using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
{
manipulator.Connect(TestingConstants.ConnectionString);
Assert.IsTrue(NetTestingUserUtils.LogInTestingUser(TestingUserStorage.ValidUser1));
var user = manipulator.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email))[0];
List <PreviousUserRequest> currentRequests = user.DecodeRequests();
object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
TestingUserStorage.ValidUser1.ConstructRetrievePreviousRequestsRequest(
user.UserId,
"x'ababbbaacbaba'"),
"PUT");
var ctx = contextAndRequest[0] as HttpListenerContext;
var req = contextAndRequest[1] as HttpWebRequest;
TestApi.PUT(ctx);
HttpWebResponse resp = null;
try
{
resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
Assert.Fail("Expected an error response, but did not receive one");
}
catch (WebException e)
{
resp = e.Response as HttpWebResponse;
}
Assert.AreEqual(HttpStatusCode.Unauthorized, resp.StatusCode);
}
}
public void TestNotAuthorizedOnNonLoggedUser()
{
using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
{
manipulator.Connect(TestingConstants.ConnectionString);
var user = manipulator.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email))[0];
object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
TestingUserStorage.ValidUser1.ConstructSecurityQuestionRequest("x'abaababaaababaaba'", user.UserId),
"POST");
var ctx = contextAndRequest[0] as HttpListenerContext;
var req = contextAndRequest[1] as HttpWebRequest;
HttpWebResponse resp;
TestApi.POST(ctx);
try
{
resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
Assert.Fail("Expected an error message, but didn't receive one.");
}
catch (WebException e)
{
resp = e.Response as HttpWebResponse;
}
Assert.AreEqual(HttpStatusCode.Unauthorized, resp.StatusCode);
}
}
public void TestUnauthorizedOnNonLoggedInUser()
{
MySqlDataManipulator manipulator = new MySqlDataManipulator();
Assert.IsTrue(manipulator.Connect(TestingConstants.ConnectionString));
using (manipulator) {
PartCatalogueEntry entry = manipulator.GetPartCatalogueEntriesWhere(1,
string.Format("PartId=\"{0}\"", TestingPartEntry.ValidPartEntry1.PartId)
)[0];
Assert.IsTrue(NetTestingUserUtils.AuthenticateTestingUser(TestingUserStorage.ValidUser3, manipulator));
OverallUser validUser1 = manipulator.GetUsersWhere(
string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser3.Email)
)[0];
var loginTokens = UserVerificationUtil.ExtractLoginTokens(validUser1);
var message = TestingPartEntry.ValidPartEntry1.ConstructDeletionRequest(
validUser1.UserId, loginTokens.LoginToken, loginTokens.AuthToken, entry.Id
);
message["LoginToken"] = "x'abacbadabac'";
object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
message, "PATCH"
);
var context = contextAndRequest[0] as HttpListenerContext;
var req = contextAndRequest[1] as HttpWebRequest;
TestApi.PATCH(context);
HttpWebResponse response;
try {
response = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
Assert.Fail("Expected and error response, but did not receive one");
} catch (WebException e) {
response = e.Response as HttpWebResponse;
}
Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode);
}
}
public void TestRetrieveUserSettingsDefaultValues()
{
using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
{
manipulator.Connect(TestingConstants.ConnectionString);
Assert.IsTrue(NetTestingUserUtils.LogInTestingUser(TestingUserStorage.ValidUser1));
var user = manipulator.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email))[0];
var currentSettings = user.Settings;
object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
TestingUserStorage.ValidUser1.ConstructRetrieveSettingsRequest(
user.UserId,
UserVerificationUtil.ExtractLoginTokens(user).LoginToken),
"PUT");
var ctx = contextAndRequest[0] as HttpListenerContext;
var req = contextAndRequest[1] as HttpWebRequest;
TestApi.PUT(ctx);
HttpWebResponse resp = null;
try
{
resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
}
catch (Exception e)
{
Assert.Fail(e.Message);
}
using (resp)
{
Assert.AreEqual(HttpStatusCode.OK, resp.StatusCode);
byte[] data = new byte[resp.ContentLength];
resp.GetResponseStream().Read(data, 0, data.Length);
string received = Encoding.UTF8.GetString(data);
Assert.AreEqual(currentSettings, received);
}
}
}
public void TestBadRequestOnInvalidUserId()
{
MySqlDataManipulator manipulator = new MySqlDataManipulator();
Assert.IsTrue(manipulator.Connect(TestingConstants.ConnectionString));
using (manipulator) {
Assert.IsTrue(NetTestingUserUtils.AuthenticateTestingUser(TestingUserStorage.ValidUser3, manipulator));
OverallUser validUser1 = manipulator.GetUsersWhere(
string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser3.Email)
)[0];
var loginTokens = UserVerificationUtil.ExtractLoginTokens(validUser1);
var message = TestingPartEntry.ValidPartEntry1.ConstructAdditionRequest(
validUser1.UserId, loginTokens.LoginToken, loginTokens.AuthToken
);
message["UserId"] = 0;
object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
message, "POST"
);
var context = contextAndRequest[0] as HttpListenerContext;
var req = contextAndRequest[1] as HttpWebRequest;
TestApi.POST(context);
HttpWebResponse response;
try {
response = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
Assert.Fail("Expected an error response, but did not receive one");
} catch (WebException e) {
response = e.Response as HttpWebResponse;
}
Assert.AreEqual(HttpStatusCode.BadRequest, response.StatusCode);
}
}
public void TestNotFoundOnNonExistentUser()
{
using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
{
manipulator.Connect(TestingConstants.ConnectionString);
Assert.IsTrue(NetTestingUserUtils.LogInTestingUser(TestingUserStorage.ValidUser1));
var user = manipulator.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email))[0];
var currentSettings = user.Settings;
object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
TestingUserStorage.ValidUser1.ConstructRetrieveSettingsRequest(
100000,
UserVerificationUtil.ExtractLoginTokens(user).LoginToken),
"PUT");
var ctx = contextAndRequest[0] as HttpListenerContext;
var req = contextAndRequest[1] as HttpWebRequest;
TestApi.PUT(ctx);
HttpWebResponse resp = null;
try
{
resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
Assert.Fail("Expected error response, but did not receive one");
}
catch (WebException e)
{
resp = e.Response as HttpWebResponse;
}
Assert.AreEqual(HttpStatusCode.NotFound, resp.StatusCode);
}
}
/// <summary>
/// <para>Uses the supplied <see cref="MySqlDataManipulator"/> to add the setting to all of the specified targets</para>
/// </summary>
/// <param name="manipulator"></param>
public override void PerformFunction(MySqlDataManipulator manipulator)
{
if (Target.Equals("user"))
{
var users = manipulator.GetUsersWhere("id > 0");
foreach (OverallUser user in users)
{
//Add the setting to the user if they do not already have a setting with the same key
List <UserSettingsEntry> settings = JsonDataObjectUtil <List <UserSettingsEntry> > .ParseObject(user.Settings);
bool found = false;
foreach (UserSettingsEntry entry in settings)
{
if (entry.Key.Equals(Key))
{
found = true;
break;
}
}
if (!found)
{
settings.Add(new UserSettingsEntry()
{
Key = Key, Value = Value
});
user.Settings = JsonDataObjectUtil <List <UserSettingsEntry> > .ConvertObject(settings);
if (!manipulator.UpdateUsersSettings(user))
{
Console.WriteLine("Failed to update settings for user " + user.UserId);
continue;
}
Console.WriteLine("Updated settings for user " + user.UserId);
continue;
}
Console.WriteLine("User " + user.UserId + " already had a setting with key " + Key);
}
}
else if (Target.Equals("company"))
{
var companies = manipulator.GetCompaniesWithNamePortion("");
foreach (CompanyId company in companies)
{
//Add the setting to the company if it does not already have one with the same key
int companyId = company.Id;
bool found = manipulator.GetCompanySettingsWhere(companyId, "SettingKey = \"" + Key + "\"").Count == 1;
if (!found)
{
if (!manipulator.AddCompanySetting(companyId, new CompanySettingsEntry(Key, Value)))
{
Console.WriteLine("Company " + company.LegalName + " failed to have the setting added");
continue;
}
Console.WriteLine("Successfully added setting for company " + company.LegalName);
continue;
}
Console.WriteLine("Company " + company.LegalName + " already had a setting with key " + Key);
}
}
}
public void TestValidRequest()
{
using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
{
manipulator.Connect(TestingConstants.ConnectionString);
Assert.IsTrue(NetTestingUserUtils.LogInTestingUser(TestingUserStorage.ValidUser1));
var user = manipulator.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email))[0];
var loginTokens = UserVerificationUtil.ExtractLoginTokens(user);
object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
TestingUserStorage.ValidUser1.ConstructSecurityQuestionRequest(loginTokens.LoginToken, user.UserId),
"POST");
var ctx = contextAndRequest[0] as HttpListenerContext;
var req = contextAndRequest[1] as HttpWebRequest;
HttpWebResponse resp;
TestApi.POST(ctx);
try
{
resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
} catch (WebException e)
{
resp = e.Response as HttpWebResponse;
byte[] respData = new byte[resp.ContentLength];
resp.GetResponseStream().Read(respData, 0, respData.Length);
Console.WriteLine(Encoding.UTF8.GetString(respData));
throw e;
}
byte[] data = new byte[resp.ContentLength];
resp.GetResponseStream().Read(data, 0, data.Length);
string receivedData = Encoding.UTF8.GetString(data);
Assert.AreEqual(HttpStatusCode.OK, resp.StatusCode);
Assert.AreEqual(TestingUserStorage.ValidUser1.SecurityQuestion, receivedData);
}
}
public void TestNotFoundOnNonExistentUser()
{
using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
{
manipulator.Connect(TestingConstants.ConnectionString);
NetTestingUserUtils.AuthenticateTestingUser(TestingUserStorage.ValidUser1, manipulator);
var reportingUser = manipulator.GetUsersWhere(
string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email)
)[0];
var loginTokens = UserVerificationUtil.ExtractLoginTokens(reportingUser);
object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
TestingUserStorage.ValidUser1.ConstructReportMessage(
10000000,
loginTokens.LoginToken,
loginTokens.AuthToken,
"TerribleName"
), "POST"
);
var ctx = contextAndRequest[0] as HttpListenerContext;
var req = contextAndRequest[1] as HttpWebRequest;
HttpWebResponse resp = null;
TestApi.POST(ctx);
try {
resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
Assert.Fail("Expected an error message but never received one");
} catch (WebException e) {
resp = e.Response as HttpWebResponse;
}
Assert.AreEqual(HttpStatusCode.NotFound, resp.StatusCode);
}
}
public static bool AuthenticateTestingUser(TestingUserStorage.TestingUser userIn, MySqlDataManipulator manipulatorIn)
{
UserAuthApi api = new UserAuthApi(10000);
if (!LogInTestingUser(userIn))
{
return(false);
}
var databaseUser = manipulatorIn.GetUsersWhere(string.Format("Email=\"{0}\"", userIn.Email))[0];
var loginTokens = UserVerificationUtil.ExtractLoginTokens(databaseUser);
object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
userIn.ConstructAuthenticationRequest(loginTokens.LoginToken, databaseUser.UserId),
"PUT");
var ctx = contextAndRequest[0] as HttpListenerContext;
var req = contextAndRequest[1] as HttpWebRequest;
api.PUT(ctx);
HttpWebResponse resp;
try
{
resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
return(true);
}
catch
{
return(false);
}
}
public void BadRequestOnInvalidUserId()
{
MySqlDataManipulator manipulator = new MySqlDataManipulator();
using (manipulator)
{
manipulator.Connect(TestingConstants.ConnectionString);
Assert.IsTrue(NetTestingUserUtils.AuthenticateTestingUser(TestingUserStorage.ValidUser2, manipulator));
OverallUser user = manipulator.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser2.Email))[0];
var loginTokens = UserVerificationUtil.ExtractLoginTokens(user);
var authReq = TestingUserStorage.ValidUser2.ConstructCheckAuthenticationStatusRequest(loginTokens.LoginToken, loginTokens.AuthToken, user.UserId);
authReq.SetMapping("UserId", 0);
object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(authReq, "PUT");
var ctx = contextAndRequest[0] as HttpListenerContext;
var req = contextAndRequest[1] as HttpWebRequest;
TestApi.PUT(ctx);
HttpWebResponse resp;
try
{
resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
Assert.Fail();
}
catch (WebException e)
{
resp = e.Response as HttpWebResponse;
}
Assert.AreEqual(HttpStatusCode.BadRequest, resp.StatusCode);
}
}
public void TestUploadRepairJobSimilarJobsForced()
{
using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
{
manipulator.Connect(TestingConstants.ConnectionString);
NetTestingUserUtils.AuthenticateTestingUser(TestingUserStorage.ValidUser1, manipulator);
var uploadingUser = manipulator.GetUsersWhere(
string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email)
)[0];
var loginTokens = UserVerificationUtil.ExtractLoginTokens(uploadingUser);
object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
TestingRepairJobStorage.RepairJob1.ConstructCreationMessage(
uploadingUser.UserId,
loginTokens.LoginToken,
loginTokens.AuthToken,
1
), "POST"
);
var ctx = contextAndRequest[0] as HttpListenerContext;
var req = contextAndRequest[1] as HttpWebRequest;
HttpWebResponse resp = null;
TestApi.POST(ctx);
try
{
resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
}
catch (WebException)
{
Assert.Fail("Received an error message when one was not expected");
}
Assert.AreEqual(HttpStatusCode.OK, resp.StatusCode);
}
}
public void TestUnauthorizedOnNotLoggedInUser()
{
using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
{
manipulator.Connect(TestingConstants.ConnectionString);
NetTestingUserUtils.AuthenticateTestingUser(TestingUserStorage.ValidUser1, manipulator);
var uploadingUser = manipulator.GetUsersWhere(
string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email)
)[0];
var loginTokens = UserVerificationUtil.ExtractLoginTokens(uploadingUser);
object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
TestingRepairJobStorage.RepairJob1.ConstructCreationMessage(
uploadingUser.UserId,
"I'm Logged-In I Swear!",
loginTokens.AuthToken,
0
), "POST"
);
var ctx = contextAndRequest[0] as HttpListenerContext;
var req = contextAndRequest[1] as HttpWebRequest;
HttpWebResponse resp = null;
TestApi.POST(ctx);
try
{
resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
}
catch (WebException e)
{
resp = e.Response as HttpWebResponse;
string message = e.Message;
}
Assert.AreEqual(HttpStatusCode.Unauthorized, resp.StatusCode);
}
}
public void TestValidAuthenticationRequest()
{
MySqlDataManipulator manipulator = new MySqlDataManipulator();
using (manipulator)
{
manipulator.Connect(TestingConstants.ConnectionString);
Assert.IsTrue(NetTestingUserUtils.AuthenticateTestingUser(TestingUserStorage.ValidUser2, manipulator));
OverallUser user = manipulator.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser2.Email))[0];
var loginTokens = UserVerificationUtil.ExtractLoginTokens(user);
var authReq = TestingUserStorage.ValidUser2.ConstructCheckAuthenticationStatusRequest(loginTokens.LoginToken, loginTokens.AuthToken, user.UserId);
object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(authReq, "PUT");
var ctx = contextAndRequest[0] as HttpListenerContext;
var req = contextAndRequest[1] as HttpWebRequest;
TestApi.PUT(ctx);
HttpWebResponse resp;
try
{
resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
}
catch (WebException e)
{
resp = e.Response as HttpWebResponse;
byte[] respData = new byte[resp.ContentLength];
resp.GetResponseStream().Read(respData, 0, respData.Length);
Console.WriteLine(Encoding.UTF8.GetString(respData));
throw e;
}
Assert.AreEqual(HttpStatusCode.OK, resp.StatusCode);
}
}
public void TestUpdateUserSetting()
{
using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
{
manipulator.Connect(TestingConstants.ConnectionString);
Assert.IsTrue(NetTestingUserUtils.AuthenticateTestingUser(TestingUserStorage.ValidUser1, manipulator));
var user = manipulator.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email))[0];
user.Settings = OverallUser.GenerateDefaultSettings();
Assert.IsTrue(manipulator.UpdateUsersSettings(user));
var currentSettings = user.Settings;
var loginTokens = UserVerificationUtil.ExtractLoginTokens(user);
object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
TestingUserStorage.ValidUser1.ConstructChangeSettingRequest(
user.UserId,
loginTokens.LoginToken,
loginTokens.AuthToken,
UserSettingsEntryKeys.DisplayName,
"New Name #2!"),
"PATCH");
var ctx = contextAndRequest[0] as HttpListenerContext;
var req = contextAndRequest[1] as HttpWebRequest;
TestApi.PATCH(ctx);
HttpWebResponse resp = null;
try
{
resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
}
catch (Exception e)
{
Assert.Fail(e.Message);
}
using (resp)
Assert.AreEqual(HttpStatusCode.OK, resp.StatusCode);
user = manipulator.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email))[0];
var newSettings = JsonDataObjectUtil <List <UserSettingsEntry> > .ParseObject(user.Settings);
foreach (UserSettingsEntry entry in newSettings)
{
if (entry.Key == UserSettingsEntryKeys.DisplayName)
{
Assert.AreEqual("New Name #2!", entry.Value);
break;
}
}
}
}
public void TestValidRequest()
{
MySqlDataManipulator manipulator = new MySqlDataManipulator();
Assert.IsTrue(manipulator.Connect(TestingConstants.ConnectionString));
using (manipulator) {
PartCatalogueEntry entry = manipulator.GetPartCatalogueEntriesWhere(1,
string.Format("PartId=\"{0}\"", TestingPartEntry.ValidPartEntry1.PartId)
)[0];
Assert.IsTrue(manipulator.RemovePartCatalogueEntry(
1, entry.Id
));
var entryList = manipulator.GetPartCatalogueEntriesWhere(
1,
string.Format("PartId=\"{0}\"", TestingPartEntry.ValidPartEntry1.PartId)
);
Assert.AreEqual(0, entryList.Count);
try {
Assert.IsTrue(NetTestingUserUtils.AuthenticateTestingUser(TestingUserStorage.ValidUser3, manipulator));
OverallUser validUser1 = manipulator.GetUsersWhere(
string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser3.Email)
)[0];
var loginTokens = UserVerificationUtil.ExtractLoginTokens(validUser1);
var message = TestingPartEntry.ValidPartEntry1.ConstructAdditionRequest(
validUser1.UserId, loginTokens.LoginToken, loginTokens.AuthToken
);
object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
message, "POST"
);
var context = contextAndRequest[0] as HttpListenerContext;
var req = contextAndRequest[1] as HttpWebRequest;
TestApi.POST(context);
HttpWebResponse response;
try {
response = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
} catch (WebException e) {
response = e.Response as HttpWebResponse;
Assert.Fail("Server sent back an error response: {0}",
response.StatusCode);
}
Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);
var addedEntryList = manipulator.GetPartCatalogueEntriesWhere(
1,
string.Format("PartId=\"{0}\"", TestingPartEntry.ValidPartEntry1.PartId)
);
Assert.AreEqual(1, addedEntryList.Count);
} finally {
if (
manipulator.GetPartCatalogueEntriesWhere(1,
string.Format("PartId=\"{0}\"", TestingPartEntry.ValidPartEntry1.PartId)
).Count == 0
)
{
Assert.IsTrue(TestingDatabaseCreationUtils.InitializePartCatelogueEntries());
}
}
}
}
public void TestRetrievePastRequests()
{
using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
{
manipulator.Connect(TestingConstants.ConnectionString);
Assert.IsTrue(NetTestingUserUtils.LogInTestingUser(TestingUserStorage.ValidUser1));
var user = manipulator.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email))[0];
List <PreviousUserRequest> currentRequests = user.DecodeRequests();
currentRequests.Add(new PreviousUserRequest()
{
Request = new RequestString()
{
Company = 1, Type = "TestingRequest"
},
RequestStatus = "Completed"
});
user.EncodeRequests(currentRequests);
Assert.IsTrue(manipulator.UpdateUserPreviousRequests(user));
object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
TestingUserStorage.ValidUser1.ConstructRetrievePreviousRequestsRequest(
user.UserId,
UserVerificationUtil.ExtractLoginTokens(user).LoginToken),
"PUT");
var ctx = contextAndRequest[0] as HttpListenerContext;
var req = contextAndRequest[1] as HttpWebRequest;
TestApi.PUT(ctx);
HttpWebResponse resp = null;
try
{
resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
}
catch (Exception e)
{
Assert.Fail(e.Message);
}
using (resp)
{
Assert.AreEqual(HttpStatusCode.OK, resp.StatusCode);
byte[] data = new byte[resp.ContentLength];
resp.GetResponseStream().Read(data, 0, data.Length);
string received = Encoding.UTF8.GetString(data);
var receivedRequests = JsonDataObjectUtil <List <PreviousUserRequest> > .ParseObject(received);
Assert.AreEqual(currentRequests.Count, receivedRequests.Count);
for (int i = 0; i < currentRequests.Count; i++)
{
Assert.AreEqual(currentRequests[i], receivedRequests[i]);
}
}
}
}
public void TestCreateValidUser1()
{
MySqlDataManipulator manipulator = new MySqlDataManipulator();
using (manipulator)
{
manipulator.Connect(TestingConstants.ConnectionString);
Assert.IsTrue(manipulator.RemoveUserByEmail(TestingUserStorage.ValidUser1.Email));
object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
TestingUserStorage.ValidUser1.ConstructCreationMessage(),
"POST");
var ctx = contextAndRequest[0] as HttpListenerContext;
var req = contextAndRequest[1] as HttpWebRequest;
TestApi.POST(ctx);
HttpWebResponse resp;
try
{
resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
}
catch (WebException e)
{
resp = e.Response as HttpWebResponse;
}
try
{
Assert.AreEqual(HttpStatusCode.OK, resp.StatusCode);
}
catch (AssertFailedException e)
{
byte[] respData = new byte[resp.ContentLength];
resp.GetResponseStream().Read(respData, 0, respData.Length);
Console.WriteLine(Encoding.UTF8.GetString(respData));
TestingDatabaseCreationUtils.InitializeUsers();
throw e;
}
var createdUser = manipulator.GetUsersWhere(string.Format("Email = \"{0}\"", TestingUserStorage.ValidUser1.Email));
Assert.IsNotNull(createdUser);
Assert.AreEqual(1, createdUser.Count);
Assert.AreEqual(TestingUserStorage.ValidUser1.Email, createdUser[0].Email);
}
}
public void TestLoginUser()
{
object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
TestingUserStorage.ValidUser1.ConstructLoginRequest(),
"PUT");
var ctx = contextAndRequest[0] as HttpListenerContext;
var req = contextAndRequest[1] as HttpWebRequest;
TestApi.PUT(ctx);
HttpWebResponse resp;
try
{
resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
} catch (WebException e)
{
resp = e.Response as HttpWebResponse;
}
try
{
Assert.AreEqual(HttpStatusCode.OK, resp.StatusCode);
} catch (AssertFailedException e)
{
byte[] respData = new byte[resp.ContentLength];
resp.GetResponseStream().Read(respData, 0, respData.Length);
Console.WriteLine(Encoding.UTF8.GetString(respData));
throw e;
}
using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
{
manipulator.Connect(TestingConstants.ConnectionString);
manipulator.UpdateUsersLoginToken(
manipulator.GetUsersWhere(
string.Format("Email=\"{0}\"",
TestingUserStorage.ValidUser1.Email)
)[0],
new LoginStatusTokens());
}
}
public void TestBadRequestOnInvalidUserId()
{
using (MySqlDataManipulator manipulator = new MySqlDataManipulator())
{
manipulator.Connect(TestingConstants.ConnectionString);
Assert.IsTrue(NetTestingUserUtils.AuthenticateTestingUser(TestingUserStorage.ValidUser1, manipulator));
var user = manipulator.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email))[0];
user.Settings = OverallUser.GenerateDefaultSettings();
Assert.IsTrue(manipulator.UpdateUsersSettings(user));
var currentSettings = user.Settings;
var loginTokens = UserVerificationUtil.ExtractLoginTokens(user);
object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage(
TestingUserStorage.ValidUser1.ConstructChangeSettingRequest(
0,
loginTokens.LoginToken,
loginTokens.AuthToken,
UserSettingsEntryKeys.DisplayName,
"New Name #2!"),
"PATCH");
var ctx = contextAndRequest[0] as HttpListenerContext;
var req = contextAndRequest[1] as HttpWebRequest;
TestApi.PATCH(ctx);
HttpWebResponse resp = null;
try
{
resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse;
Assert.Fail("Expected an error response, but did not receive one");
}
catch (WebException e)
{
resp = e.Response as HttpWebResponse;
}
using (resp)
Assert.AreEqual(HttpStatusCode.BadRequest, resp.StatusCode);
}
}
private void HandlePutRequest(HttpListenerContext ctx)
{
try
{
#region Input Validation
if (!ctx.Request.HasEntityBody)
{
WriteBodyResponse(ctx, 400, "Bad Request", "No Body");
return;
}
CompanyUsersApiGetRequest entry = JsonDataObjectUtil <CompanyUsersApiGetRequest> .ParseObject(ctx);
if (!ValidateGetRequest(entry))
{
WriteBodyResponse(ctx, 400, "Bad Request", "Incorrect Format");
return;
}
#endregion
MySqlDataManipulator connection = new MySqlDataManipulator();
using (connection)
{
bool res = connection.Connect(MySqlDataManipulator.GlobalConfiguration.GetConnectionString());
if (!res)
{
WriteBodyResponse(ctx, 500, "Unexpected Server Error", "Connection to database failed");
return;
}
#region User Validation
OverallUser mappedUser = connection.GetUserById(entry.UserId);
if (mappedUser == null)
{
WriteBodyResponse(ctx, 404, "Not Found", "User was not found on on the server");
return;
}
if (!UserVerificationUtil.LoginTokenValid(mappedUser, entry.LoginToken))
{
WriteBodyResponse(ctx, 401, "Not Authorized", "Login token was incorrect.");
return;
}
if (!UserVerificationUtil.AuthTokenValid(mappedUser, entry.AuthToken))
{
WriteBodyResponse(ctx, 401, "Not Authorized", "Auth token was incorrect.");
return;
}
if ((mappedUser.AccessLevel & AccessLevelMasks.AdminMask) == 0)
{
WriteBodyResponse(ctx, 401, "Not Authorized", "User was not an admin");
return;
}
#endregion
#region Action Handling
List <OverallUser> companyUsers = connection.GetUsersWhere("Company=" + mappedUser.Company);
JsonListStringConstructor retConstructor = new JsonListStringConstructor();
companyUsers.ForEach(user => retConstructor.AddElement(ConvertUserToOutput(user)));
WriteBodyResponse(ctx, 200, "OK", retConstructor.ToString());
#endregion
}
}
catch (HttpListenerException)
{
//HttpListeners dispose themselves when an exception occurs, so we can do no more.
}
catch (Exception e)
{
WriteBodyResponse(ctx, 500, "Internal Server Error", e.Message);
}
}
public static bool InitializeUsers()
{
if (!DatabaseInitialized)
{
return(false);
}
MySqlDataManipulator initializer = new MySqlDataManipulator();
using (initializer)
{
if (!initializer.Connect(TestingConstants.ConnectionString))
{
Console.WriteLine("Encountered an error opening the global configuration connection");
Console.WriteLine(initializer.LastException.Message);
return(false);
}
if (initializer.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser1.Email)).Count == 0)
{
if (!initializer.AddUser(
TestingUserStorage.ValidUser1.Email,
TestingUserStorage.ValidUser1.Password,
TestingUserStorage.ValidUser1.SecurityQuestion,
TestingUserStorage.ValidUser1.SecurityAnswer,
TestingUserStorage.ValidUser1.AccessLevel
)
)
{
Console.WriteLine("Encountered an error adding the first valid user.");
Console.WriteLine(initializer.LastException.Message);
return(false);
}
}
if (initializer.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser2.Email)).Count == 0)
{
if (!initializer.AddUser(
TestingUserStorage.ValidUser2.Email,
TestingUserStorage.ValidUser2.Password,
TestingUserStorage.ValidUser2.SecurityQuestion,
TestingUserStorage.ValidUser2.SecurityAnswer,
TestingUserStorage.ValidUser2.AccessLevel
)
)
{
Console.WriteLine("Encountered an error adding the second valid user.");
Console.WriteLine(initializer.LastException.Message);
return(false);
}
}
if (initializer.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser3.Email)).Count == 0)
{
if (!initializer.AddUser(
TestingUserStorage.ValidUser3.Email,
TestingUserStorage.ValidUser3.Password,
TestingUserStorage.ValidUser3.SecurityQuestion,
TestingUserStorage.ValidUser3.SecurityAnswer,
TestingUserStorage.ValidUser3.AccessLevel
)
)
{
Console.WriteLine("Encountered an error adding the third valid user.");
Console.WriteLine(initializer.LastException.Message);
return(false);
}
}
if (initializer.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser4.Email)).Count == 0)
{
if (!initializer.AddUser(
TestingUserStorage.ValidUser4.Email,
TestingUserStorage.ValidUser4.Password,
TestingUserStorage.ValidUser4.SecurityQuestion,
TestingUserStorage.ValidUser4.SecurityAnswer,
TestingUserStorage.ValidUser4.AccessLevel
)
)
{
Console.WriteLine("Encountered an error adding the fourth valid user.");
Console.WriteLine(initializer.LastException.Message);
return(false);
}
}
if (initializer.GetUsersWhere(string.Format("Email=\"{0}\"", TestingUserStorage.ValidUser5.Email)).Count == 0)
{
if (!initializer.AddUser(
TestingUserStorage.ValidUser5.Email,
TestingUserStorage.ValidUser5.Password,
TestingUserStorage.ValidUser5.SecurityQuestion,
TestingUserStorage.ValidUser5.SecurityAnswer,
TestingUserStorage.ValidUser5.AccessLevel
)
)
{
Console.WriteLine("Encountered an error adding the fifth valid user.");
Console.WriteLine(initializer.LastException.Message);
return(false);
}
}
return(true);
}
}
/// <summary>
/// Request for creating a base mechanic user account. Documention is found in the Web API Enumeration file
/// in the /RepairJob/Requirements tab, starting at row 1
/// </summary>
/// <param name="ctx">The HttpListenerContext to respond to</param>
public void HandlePostRequest(HttpListenerContext ctx)
{
try
{
#region Input Validation
if (!ctx.Request.HasEntityBody)
{
WriteBodyResponse(ctx, 400, "No Body", "Request lacked a body");
return;
}
UserCreationRequest req = JsonDataObjectUtil <UserCreationRequest> .ParseObject(ctx);
if (req == null)
{
WriteBodyResponse(ctx, 400, "Incorrect Format", "Request was in the wrong format");
return;
}
if (!ValidateCreationResponse(req))
{
WriteBodyResponse(ctx, 400, "Incorrect Format", "Not all fields of the request were filled");
return;
}
#endregion
MySqlDataManipulator connection = new MySqlDataManipulator();
using (connection)
{
bool res = connection.Connect(MySqlDataManipulator.GlobalConfiguration.GetConnectionString());
if (!res)
{
WriteBodyResponse(ctx, 500, "Unexpected ServerError", "Connection to database failed");
return;
}
#region Action Handling
var users = connection.GetUsersWhere(" Email = \"" + req.Email + "\"");
if (users == null)
{
WriteBodyResponse(ctx, 500, "Unexpected Server Error", connection.LastException.Message);
return;
}
if (users.Count > 0)
{
WriteBodyResponse(ctx, 409, "User Conflict", "User with email already exists");
return;
}
res = connection.AddUser(req.Email, req.Password, req.SecurityQuestion, req.SecurityAnswer);
if (!res)
{
WriteBodyResponse(ctx, 500, "Unexpected ServerError", connection.LastException.Message);
return;
}
WriteBodylessResponse(ctx, 200, "OK");
#endregion
}
}
catch (HttpListenerException)
{
//HttpListeners dispose themselves when an exception occurs, so we can do no more.
}
catch (Exception e)
{
WriteBodyResponse(ctx, 500, "Internal Server Error", e.Message);
}
}
/// <summary>
/// Request for a user to log in using their email and password. Documention is found in the Web API Enumeration file
/// in the /RepairJob/Requirements tab, starting at row 21
/// </summary>
/// <param name="ctx">The HttpListenerContext to respond to</param>
public void HandlePutRequest(HttpListenerContext ctx)
{
try
{
#region Input Validation
if (!ctx.Request.HasEntityBody)
{
WriteBodyResponse(ctx, 400, "No Body", "Request lacked a body");
return;
}
string reqString = new StreamReader(ctx.Request.InputStream).ReadToEnd();
UserLoginRequest req = JsonDataObjectUtil <UserLoginRequest> .ParseObject(reqString);
if (req == null)
{
WriteBodyResponse(ctx, 400, "Incorrect Format", "Request was in the wrong format");
return;
}
if (!ValidateLoginRequest(req))
{
UserCheckLoginStatusRequest req2 = JsonDataObjectUtil <UserCheckLoginStatusRequest> .ParseObject(reqString);
if (req2 != null && ValidateCheckLoginRequest(req2))
{
HandleCheckLoginRequest(ctx, req2);
return;
}
WriteBodyResponse(ctx, 400, "Incorrect Format", "Not all fields of the request were filled");
return;
}
#endregion
MySqlDataManipulator connection = new MySqlDataManipulator();
using (connection)
{
bool res = connection.Connect(MySqlDataManipulator.GlobalConfiguration.GetConnectionString());
if (!res)
{
WriteBodyResponse(ctx, 500, "Unexpected ServerError", "Connection to database failed");
return;
}
#region Action Handling
var users = connection.GetUsersWhere(" Email = \"" + req.Email + "\"");
if (users.Count == 0)
{
WriteBodyResponse(ctx, 404, "Not Found", "User was not found on the server");
return;
}
if (!UserVerificationUtil.VerifyLogin(users[0], req.Email, req.Password))
{
WriteBodyResponse(ctx, 401, "Unauthorized", "Email or password was incorrect");
return;
}
OverallUser loggedInUser = users[0];
LoginStatusTokens tokens = UserVerificationUtil.ExtractLoginTokens(loggedInUser);
UserVerificationUtil.GenerateNewLoginToken(tokens);
if (!connection.UpdateUsersLoginToken(loggedInUser, tokens))
{
WriteBodyResponse(ctx, 500, "Unexpected Server Error", "Failed to write login token to database");
return;
}
JsonDictionaryStringConstructor retConstructor = new JsonDictionaryStringConstructor();
retConstructor.SetMapping("token", tokens.LoginToken);
retConstructor.SetMapping("userId", loggedInUser.UserId);
retConstructor.SetMapping("accessLevel", loggedInUser.AccessLevel);
WriteBodyResponse(ctx, 200, "OK", retConstructor.ToString(), "application/json");
#endregion
}
}
catch (HttpListenerException)
{
//HttpListeners dispose themselves when an exception occurs, so we can do no more.
}
catch (Exception e)
{
WriteBodyResponse(ctx, 500, "Internal Server Error", e.Message);
}
}
/// <summary>
/// Request for reporting a user's display name. Documention is found in the Web API Enumeration file
/// in the /User/Report tab, starting at row 1
/// </summary>
/// <param name="ctx">The HttpListenerContext to respond to</param>
private void HandlePostRequest(HttpListenerContext ctx)
{
try
{
#region Input Validation
if (!ctx.Request.HasEntityBody)
{
WriteBodyResponse(ctx, 400, "No Body", "Request lacked a body");
return;
}
UserReportRequest req = JsonDataObjectUtil <UserReportRequest> .ParseObject(ctx);
if (req == null)
{
WriteBodyResponse(ctx, 400, "Incorrect Format", "Request was in the wrong format");
return;
}
if (!ValidateRequest(req))
{
WriteBodyResponse(ctx, 400, "Incorrect Format", "Not all fields of the request were filled");
return;
}
#endregion
MySqlDataManipulator connection = new MySqlDataManipulator();
using (connection)
{
bool res = connection.Connect(MySqlDataManipulator.GlobalConfiguration.GetConnectionString());
if (!res)
{
WriteBodyResponse(ctx, 500, "Unexpected ServerError", "Connection to database failed");
return;
}
#region User Validation
var user = connection.GetUserById(req.ReportingUserId);
if (user == null)
{
WriteBodyResponse(ctx, 404, "Not Found", "User was not found on the server");
return;
}
if (!UserVerificationUtil.LoginTokenValid(user, req.LoginToken))
{
WriteBodyResponse(ctx, 401, "Unauthorized", "Login Token was expired or incorrect");
return;
}
if (!UserVerificationUtil.AuthTokenValid(user, req.AuthToken))
{
WriteBodyResponse(ctx, 401, "Unauthorized", "Auth Token was expired or incorrect");
return;
}
#endregion
#region Action Handling
var users = connection.GetUsersWhere("Settings like \"%Value\\\":\\\"" + req.ReportedDisplayName + "%\"");
if (users == null)
{
WriteBodyResponse(ctx, 500, "Unexpected Server Error", connection.LastException.Message);
return;
}
foreach (OverallUser reportedUser in users)
{
reportedUser.UpdateSettings(UserSettingsEntryKeys.DisplayName, "Default User " + reportedUser.UserId);
connection.UpdateUsersSettings(reportedUser);
}
WriteBodylessResponse(ctx, 200, "OK");
#endregion
}
}
catch (HttpListenerException)
{
//HttpListeners dispose themselves when an exception occurs, so we can do no more.
}
catch (Exception e)
{
WriteBodyResponse(ctx, 500, "Internal Server Error", e.Message);
}
}