public static IEnrichedContentEntity CreateRef(NamedId <DomainId> schemaId, DomainId id, string field, string value)
{
var now = SystemClock.Instance.GetCurrentInstant();
var data =
new ContentData()
.AddField(field,
new ContentFieldData()
.AddInvariant(value));
var content = new ContentEntity
{
Id = id,
Version = 1,
Created = now,
CreatedBy = RefToken.User("user1"),
LastModified = now,
LastModifiedBy = RefToken.User("user2"),
Data = data,
SchemaId = schemaId,
Status = Status.Draft,
StatusColor = "red"
};
return(content);
}
public async Task Should_throw_exception_if_number_of_apps_reached()
{
var userId = Guid.NewGuid().ToString();
var command = new CreateApp
{
Actor = RefToken.User(userId)
};
var commandContext = new CommandContext(command, commandBus);
options.MaximumNumberOfApps = 3;
var user = A.Fake <IUser>();
A.CallTo(() => user.Id)
.Returns(userId);
A.CallTo(() => user.Claims)
.Returns(Enumerable.Repeat(new Claim(SquidexClaimTypes.TotalApps, "5"), 1).ToList());
A.CallTo(() => userResolver.FindByIdAsync(userId, default))
.Returns(user);
var isNextCalled = false;
await Assert.ThrowsAsync <ValidationException>(() => sut.HandleAsync(commandContext, x =>
{
isNextCalled = true;
return(Task.CompletedTask);
}));
Assert.False(isNextCalled);
}
public async Task Should_increment_total_apps_if_maximum_not_reached_and_completed()
{
var userId = Guid.NewGuid().ToString();
var command = new CreateApp
{
Actor = RefToken.User(userId)
};
var commandContext = new CommandContext(command, commandBus);
options.MaximumNumberOfApps = 10;
var user = A.Fake <IUser>();
A.CallTo(() => user.Id)
.Returns(userId);
A.CallTo(() => user.Claims)
.Returns(Enumerable.Repeat(new Claim(SquidexClaimTypes.TotalApps, "5"), 1).ToList());
A.CallTo(() => userResolver.FindByIdAsync(userId, default))
.Returns(user);
await sut.HandleAsync(commandContext, x =>
{
x.Complete(true);
return(Task.CompletedTask);
});
A.CallTo(() => userResolver.SetClaimAsync(userId, SquidexClaimTypes.TotalApps, "6", true, default))
.MustHaveHappened();
}
public static IEnrichedAssetEntity Create(DomainId id)
{
var now = SystemClock.Instance.GetCurrentInstant();
var asset = new AssetEntity
{
Id = id,
AppId = TestApp.DefaultId,
Version = 1,
Created = now,
CreatedBy = RefToken.User("user1"),
LastModified = now,
LastModifiedBy = RefToken.Client("client1"),
FileName = "MyFile.png",
Slug = "myfile.png",
FileSize = 1024,
FileHash = "ABC123",
FileVersion = 123,
MimeType = "image/png",
Type = AssetType.Image,
MetadataText = "metadata-text",
Metadata =
new AssetMetadata()
.SetPixelWidth(800)
.SetPixelHeight(600),
TagNames = new[]
{
"tag1",
"tag2"
}.ToHashSet()
};
return(asset);
}
public async Task Should_write_asset_urls()
{
var me = RefToken.User("123");
var assetsUrl = "https://old.squidex.com/api/assets/";
var assetsUrlApp = "https://old.squidex.com/api/assets/my-app";
A.CallTo(() => urlGenerator.AssetContentBase())
.Returns(assetsUrl);
A.CallTo(() => urlGenerator.AssetContentBase(appId.Name))
.Returns(assetsUrlApp);
var writer = A.Fake <IBackupWriter>();
var context = new BackupContext(appId.Id, new UserMapping(me), writer);
await sut.BackupEventAsync(Envelope.Create(new AppCreated
{
Name = appId.Name
}), context);
A.CallTo(() => writer.WriteJsonAsync(A <string> ._,
A <BackupContents.Urls> .That.Matches(x =>
x.Assets == assetsUrl &&
x.AssetsApp == assetsUrlApp)))
.MustHaveHappened();
}
public void Should_not_throw_exception_if_user_is_null()
{
var operation = Operation(CreateContent(Status.Draft), normalSchema, null);
((ContentEntity)operation.Snapshot).CreatedBy = RefToken.User("456");
operation.MustHavePermission(Permissions.AppContentsDelete);
}
public async Task Should_assign_actor_from_subject()
{
httpContext.User = CreatePrincipal(OpenIdClaims.Subject, "my-user", "My User");
var context = await HandleAsync(new CreateContent());
Assert.Equal(RefToken.User("my-user"), ((SquidexCommand)context.Command).Actor);
}
public async Task CanAssign_should_throw_exception_if_user_is_actor()
{
var command = new AssignContributor {
ContributorId = "3", Role = Role.Editor, Actor = RefToken.User("3")
};
await Assert.ThrowsAsync <DomainForbiddenException>(() => GuardAppContributors.CanAssign(command, App(contributors_0), users, appPlan));
}
public void Should_not_throw_exception_if_user_is_null()
{
var context = CreateContext(CreateContent(Status.Draft), normalSchema, null);
((ContentEntity)context.Content).CreatedBy = RefToken.User("456");
context.MustHavePermission(Permissions.AppContentsDelete);
}
public void Should_throw_exception_if_content_is_from_another_user_and_user_has_no_permission()
{
var context = CreateContext(CreateContent(Status.Draft), normalSchema);
((ContentEntity)((ContentEntity)context.Content)).CreatedBy = RefToken.User("456");
Assert.Throws <DomainForbiddenException>(() => context.MustHavePermission(Permissions.AppContentsDelete));
}
public void Backup(string userId)
{
Guard.NotNullOrEmpty(userId, nameof(userId));
if (!userMap.ContainsKey(userId))
{
userMap[userId] = RefToken.User(userId);
}
}
public void CanChangePlan_should_not_throw_exception_if_same_user_but_other_plan()
{
var command = new ChangePlan {
PlanId = "basic", Actor = RefToken.User("me")
};
var plan = new AppPlan(command.Actor, "premium");
GuardApp.CanChangePlan(command, App(plan), appPlans);
}
public async Task Should_not_override_actor()
{
httpContext.User = CreatePrincipal(OpenIdClaims.ClientId, "my-client", null);
var customActor = RefToken.User("me");
var context = await HandleAsync(new CreateContent { Actor = customActor });
Assert.Equal(customActor, ((SquidexCommand)context.Command).Actor);
}
public async Task Should_restore_states_for_all_contents()
{
var me = RefToken.User("123");
var schemaId1 = NamedId.Of(DomainId.NewGuid(), "my-schema1");
var schemaId2 = NamedId.Of(DomainId.NewGuid(), "my-schema2");
var contentId1 = DomainId.NewGuid();
var contentId2 = DomainId.NewGuid();
var contentId3 = DomainId.NewGuid();
var context = new RestoreContext(appId.Id, new UserMapping(me), A.Fake <IBackupReader>(), DomainId.NewGuid());
await sut.RestoreEventAsync(ContentEvent(new ContentCreated
{
ContentId = contentId1,
SchemaId = schemaId1
}), context);
await sut.RestoreEventAsync(ContentEvent(new ContentCreated
{
ContentId = contentId2,
SchemaId = schemaId1
}), context);
await sut.RestoreEventAsync(ContentEvent(new ContentCreated
{
ContentId = contentId3,
SchemaId = schemaId2
}), context);
await sut.RestoreEventAsync(ContentEvent(new ContentDeleted
{
ContentId = contentId2,
SchemaId = schemaId1
}), context);
await sut.RestoreEventAsync(Envelope.Create(new SchemaDeleted
{
SchemaId = schemaId2
}), context);
var rebuildContents = new HashSet <DomainId>();
A.CallTo(() => rebuilder.InsertManyAsync <ContentDomainObject, ContentDomainObject.State>(A <IEnumerable <DomainId> > ._, A <CancellationToken> ._))
.Invokes((IEnumerable <DomainId> source, CancellationToken _) => rebuildContents.AddRange(source));
await sut.RestoreAsync(context);
Assert.Equal(new HashSet <DomainId>
{
DomainId.Combine(appId.Id, contentId1),
DomainId.Combine(appId.Id, contentId2)
}, rebuildContents);
}
public void CanChangePlan_should_throw_exception_if_plan_id_is_null()
{
var command = new ChangePlan {
Actor = RefToken.User("me")
};
AppPlan?plan = null;
ValidationAssert.Throws(() => GuardApp.CanChangePlan(command, App(plan), appPlans),
new ValidationError("Plan ID is required.", "PlanId"));
}
public void CanChangePlan_should_throw_exception_if_plan_not_found()
{
var command = new ChangePlan {
PlanId = "notfound", Actor = RefToken.User("me")
};
AppPlan?plan = null;
ValidationAssert.Throws(() => GuardApp.CanChangePlan(command, App(plan), appPlans),
new ValidationError("A plan with this id does not exist.", "PlanId"));
}
public void CanChangePlan_should_throw_exception_if_plan_was_configured_from_another_user()
{
var command = new ChangePlan {
PlanId = "basic", Actor = RefToken.User("me")
};
var plan = new AppPlan(RefToken.User("other"), "premium");
ValidationAssert.Throws(() => GuardApp.CanChangePlan(command, App(plan), appPlans),
new ValidationError("Plan can only changed from the user who configured the plan initially."));
}
public async Task Should_assign_actor_from_subject()
{
httpContext.User = CreatePrincipal(OpenIdClaims.Subject, "me");
var command = new CreateContent();
var context = Ctx(command);
await sut.HandleAsync(context);
Assert.Equal(RefToken.User("me"), command.Actor);
}
public async Task Should_render_ref_token(string template, string expected)
{
var value = new
{
User = RefToken.User("me")
};
var result = await RenderAync(template, value);
Assert.Equal(expected, result);
}
public void Should_not_throw_exception_if_content_is_from_another_user_but_user_has_permission()
{
var userPermission = Permissions.ForApp(Permissions.AppContentsDelete, appId.Name, schemaId.Name).Id;
var userObject = Mocks.FrontendUser(permission: userPermission);
var context = CreateContext(CreateContent(Status.Draft), normalSchema, userObject);
((ContentEntity)context.Content).CreatedBy = RefToken.User("456");
context.MustHavePermission(Permissions.AppContentsDelete);
}
public void CheckPermission_should_exception_if_content_is_from_another_user_and_user_has_no_permission()
{
var content = CreateContent(Status.Published);
var commandActor = RefToken.User("456");
var command = CreateCommand(new DeleteContent {
Actor = commandActor
});
Assert.Throws <DomainForbiddenException>(() => GuardContent.CheckPermission(content, command, Permissions.AppContentsDelete));
}
public async Task Should_create_event_with_actor()
{
var actor = RefToken.User("me");
var envelope = Envelope.Create <AppEvent>(new RuleManuallyTriggered {
Actor = actor
});
var result = await sut.CreateEnrichedEventsAsync(envelope);
Assert.Equal(actor, ((EnrichedUserEventBase)result.Single()).Actor);
}
public void Should_convert_to_string()
{
var obj1 = new Class1 <RefToken, RefToken>
{
P1 = RefToken.User("1"),
P2 = RefToken.User("2")
};
var obj2 = SimpleMapper.Map(obj1, new Class2 <string, string>());
Assert.Equal("subject:2", obj2.P2);
Assert.Null(obj2.P3);
}
public async Task Should_not_override_actor()
{
httpContext.User = CreatePrincipal(OpenIdClaims.ClientId, "my-client");
var command = new CreateContent {
Actor = RefToken.User("me")
};
var context = Ctx(command);
await sut.HandleAsync(context);
Assert.Equal(RefToken.User("me"), command.Actor);
}
public void CheckPermission_should_not_throw_exception_if_user_is_null()
{
var content = CreateContent(Status.Published);
var commandActor = RefToken.User("456");
var command = CreateCommand(new DeleteContent {
Actor = commandActor
});
command.User = null;
GuardContent.CheckPermission(content, command, Permissions.AppContentsDelete);
}
public void CheckPermission_should_not_throw_exception_if_content_is_from_another_user_but_user_has_permission()
{
var content = CreateContent(Status.Published);
var permission = Permissions.ForApp(Permissions.AppContentsDelete, appId.Name, schemaId.Name).Id;
var commandUser = Mocks.FrontendUser(permission: permission);
var commandActor = RefToken.User("456");
var command = CreateCommand(new DeleteContent {
Actor = commandActor, User = commandUser
});
GuardContent.CheckPermission(content, command, Permissions.AppContentsDelete);
}
public async Task Should_call_grain_when_restoring_backup()
{
var grain = A.Fake <IRestoreGrain>();
A.CallTo(() => grainFactory.GetGrain <IRestoreGrain>(SingleGrain.Id, null))
.Returns(grain);
var initiator = RefToken.User("me");
var restoreUrl = new Uri("http://squidex.io");
var restoreAppName = "New App";
await sut.StartRestoreAsync(initiator, restoreUrl, restoreAppName);
A.CallTo(() => grain.RestoreAsync(restoreUrl, initiator, restoreAppName))
.MustHaveHappened();
}
public async Task RestoreAsync(IBackupReader reader, IUserResolver userResolver)
{
Guard.NotNull(reader, nameof(reader));
Guard.NotNull(userResolver, nameof(userResolver));
var json = await reader.ReadJsonAsync <Dictionary <string, string> >(UsersFile);
foreach (var(userId, email) in json)
{
var(user, _) = await userResolver.CreateUserIfNotExistsAsync(email, false);
if (user != null)
{
userMap[userId] = RefToken.User(user.Id);
}
}
}
private static IAppEntity CreateApp(string plan)
{
var app = A.Dummy <IAppEntity>();
if (plan != null)
{
A.CallTo(() => app.Plan)
.Returns(new AppPlan(RefToken.User("me"), plan));
}
else
{
A.CallTo(() => app.Plan)
.Returns(null);
}
return(app);
}
public static RefToken?Token(this ClaimsPrincipal principal)
{
var subjectId = principal.OpenIdSubject();
var clientId = principal.OpenIdClientId();
if (!string.IsNullOrWhiteSpace(clientId) && (string.Equals(clientId, subjectId, StringComparison.Ordinal) || string.IsNullOrWhiteSpace(subjectId)))
{
return(RefToken.Client(clientId));
}
if (!string.IsNullOrWhiteSpace(subjectId))
{
return(RefToken.User(subjectId));
}
return(null);
}
