public void Authenticate_LockoutActiveUserOnly(UserAccountStatusEnum_Enumeration status, bool expectLockedOut)
        {
            // Checks which starting account statuses are moved to Locked by repeated failed logins.
            // An account is created in the given status, AccountLockoutThreshold bad-password attempts
            // are made against it, and the reloaded account status is compared with the expectation.
            const string password = "******";

            PasswordPolicy passwordPolicy = Entity.Get<PasswordPolicy>("core:passwordPolicyInstance");

            UserAccount userAccount = new UserAccount
            {
                Name = "Test user " + Guid.NewGuid(),
                AccountStatus_Enum = status,
                Password = password
            };
            userAccount.Save();

            // The threshold is re-read from the policy on every pass, so the number of attempts
            // always follows the configured lockout threshold.
            int failedAttempts = 0;
            while (failedAttempts < passwordPolicy.AccountLockoutThreshold)
            {
                try
                {
                    // The "_foo" suffix guarantees the supplied password does not match the stored one.
                    UserAccountValidator.Authenticate(
                        userAccount.Name,
                        userAccount.Password + "_foo",
                        RequestContext.GetContext().Tenant.Name,
                        false);
                }
                catch (Exception)
                {
                    // Authenticate throws when the user is locked, disabled or expired; those are
                    // expected here and deliberately ignored.
                    // NOTE(review): catching Exception also hides unrelated failures, so the status
                    // assertion below is the only thing this test actually verifies.
                }

                failedAttempts++;
            }

            // Reload by id so the assertion sees the persisted status, not the in-memory copy.
            userAccount = Entity.Get<UserAccount>(userAccount.Id);

            UserAccountStatusEnum_Enumeration expectedStatus = status;
            if (expectLockedOut)
            {
                expectedStatus = UserAccountStatusEnum_Enumeration.Locked;
            }

            Assert.That(userAccount.AccountStatus_Enum, Is.EqualTo(expectedStatus));
        }
Exemplo n.º 2
        public void Test_UserAccount_Invalid(UserAccountStatusEnum_Enumeration accountStatus)
        {
            // Expects the API-key security layer to answer 401 Unauthorized, and to leave the wrapped
            // connector service untouched, when the test account is in the given status.
            string apiKey     = "6cb36a1cd60e460bbbfce5af03eb9507"; // or whatever
            string tenantName = RunAsDefaultTenant.DefaultTenantName;

            // Create the user and the key as tenant administrator.
            using (new TenantAdministratorContext(tenantName))
            {
                UserAccount userAccount = new UserAccount
                {
                    Name = "Test user " + Guid.NewGuid( ),
                    AccountStatus_Enum = accountStatus,
                    Password = "******"
                };
                userAccount.Save( );

                // NOTE(review): nothing in this listing associates the key with the user account
                // created above. If ApiKeySecurity rejects keys that have no account, the 401 below
                // would be produced for every accountStatus and the parameter would not be exercised.
                // Confirm against the ApiKey model.
                ApiKey key = new ApiKey
                {
                    Name = apiKey,
                    ApiKeyEnabled = true
                };
                key.Save( );
            }

            // Strict mocks with no setups: any call forwarded to the inner service or to the endpoint
            // resolver would throw, so a rejected request must be stopped by ApiKeySecurity itself.
            Mock<IConnectorService> mockService          = new Mock<IConnectorService>(MockBehavior.Strict);
            Mock<IEndpointResolver> mockEndpointResolver = new Mock<IEndpointResolver>(MockBehavior.Strict);
            IConnectorService apiKeyService =
                new ApiKeySecurity(mockService.Object, mockEndpointResolver.Object, Factory.EntityRepository);

            // Build a request that presents the key through the "key" query-string parameter.
            Dictionary<string, string> queryString = new Dictionary<string, string>( );
            queryString.Add("key", apiKey);

            ConnectorRequest request = new ConnectorRequest( );
            request.TenantName  = tenantName;
            request.QueryString = queryString;

            // Place the request and check that it was refused.
            ConnectorResponse response = apiKeyService.HandleRequest(request);

            Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.Unauthorized));

            mockService.VerifyAll( );
        }
Exemplo n.º 3
        /// <summary>
        /// Sets the account status of the user account with the given name in the given tenant.
        /// The lookup and the save run inside a <c>TenantAdministratorContext</c> for that tenant.
        /// </summary>
        /// <param name="userName">Name of the user account to update.</param>
        /// <param name="tenantName">Name of the tenant that owns the account.</param>
        /// <param name="status">The status to assign to the account.</param>
        /// <returns>
        /// <c>true</c> if an account was found and saved with the new status; <c>false</c> if the
        /// tenant id resolved to -1 or no account matched <paramref name="userName"/>.
        /// </returns>
        /// <exception cref="System.ArgumentNullException">
        /// <paramref name="userName"/> or <paramref name="tenantName"/> is null or empty.
        /// </exception>
        private static bool SetAccountStatus(string userName, string tenantName, UserAccountStatusEnum_Enumeration status)
        {
            if (string.IsNullOrEmpty(userName))
            {
                throw new ArgumentNullException("userName");
            }

            if (string.IsNullOrEmpty(tenantName))
            {
                throw new ArgumentNullException("tenantName");
            }

            bool updated = false;

            long tenantId = TenantHelper.GetTenantId(tenantName);

            // -1 is treated as "tenant not found"; nothing is changed in that case.
            if (tenantId != -1)
            {
                // NOTE(review): the update runs with tenant-administrator rights and this method performs
                // no authorization check of its own; callers are presumably responsible for that. Confirm.
                using (new TenantAdministratorContext(tenantId))
                {
                    // Look the account up by its core:name field and take the first match.
                    // The 'true' argument presumably requests a writable entity. TODO confirm.
                    UserAccount account = Entity.GetByField<UserAccount>(userName, true, new EntityRef("core", "name")).FirstOrDefault( );

                    if (account != null)
                    {
                        account.AccountStatus_Enum = status;
                        account.Save( );

                        updated = true;
                    }
                }
            }

            return updated;
        }