public void ResetPassword_HappyPath()
        {
            using (var disposer = new Disposer())
            {
                var utcNow = new DateTime(2012, 10, 22, 23, 30, 0, DateTimeKind.Utc);

                string emailToken = null;
                User user;
                AuthenticationController controller;
                try
                {
                    user = this.db.Users.Single(x => x.UserName == "andrerpena");

                    var mr = new MockRepository();

                    var mve = mr.SetupViewEngine(disposer);
                    mve.SetViewContent("ResetPasswordEmail",
                                       vc =>
                                       {
                                           emailToken = ((UserEmailViewModel)vc.ViewData.Model).Token;
                                           return "Fake e-mail contents!";
                                       });

                    var controller0 = mr.CreateController<AuthenticationController>();
                    controller0.UtcNowGetter = () => utcNow;

                    // requesting password reset
                    controller0.ResetPasswordRequest(
                        new IdentityViewModel
                            {
                                PracticeIdentifier = user.Practice.UrlIdentifier,
                                UserNameOrEmail = user.UserName,
                            });

                    var mr1 = new MockRepository();
                    controller = mr1.CreateController<AuthenticationController>();
                    controller.UtcNowGetter = () => utcNow;
                }
                catch (Exception ex)
                {
                    InconclusiveInit(ex, "1st test initialization has failed");
                    return;
                }

                // reseting the password
                ActionResult actionResult;
                {
                    actionResult = controller.ResetPassword(
                        new ResetPasswordViewModel
                            {
                                Token = emailToken,
                                NewPassword = "******",
                                ConfirmNewPassword = "******",
                                PracticeIdentifier = user.Practice.UrlIdentifier,
                                UserNameOrEmail = user.UserName,
                            });
                }

                // Asserting action result.
                Assert.IsInstanceOfType(actionResult, typeof(RedirectToRouteResult));
                var redirectResult = (RedirectToRouteResult)actionResult;
                Assert.AreEqual("ResetPasswordSuccess", redirectResult.RouteValues["action"]);

                // Asserting user can login with the new password.
                ActionResult loginActionResult;
                try
                {
                    var mr2 = new MockRepository();
                    var controller2 = mr2.CreateController<AuthenticationController>();
                    controller2.UtcNowGetter = () => utcNow;
                    loginActionResult = controller2.Login(
                        new LoginViewModel
                            {
                                PracticeIdentifier = user.Practice.UrlIdentifier,
                                UserNameOrEmail = user.UserName,
                                Password = "******",
                            });
                }
                catch (Exception ex)
                {
                    InconclusiveInit(ex, "2nd test initialization has failed");
                    return;
                }

                Assert.IsInstanceOfType(loginActionResult, typeof(RedirectToRouteResult));
                var redirectToRouteResult = (RedirectToRouteResult)loginActionResult;
                Assert.AreEqual("Index", (string)redirectToRouteResult.RouteValues["action"], ignoreCase: true);
                Assert.AreEqual("PracticeHome", (string)redirectToRouteResult.RouteValues["controller"], ignoreCase: true);
                Assert.AreEqual("App", (string)redirectToRouteResult.RouteValues["area"], ignoreCase: true);
            }
        }
        public void CreateAccount_2_PracticeNameThatAlreadyExists()
        {
            using (var disposer = new Disposer())
            {
                AuthenticationController controller;
                var hasBeenSaved = false;
                CreateAccountViewModel vm;

                try
                {
                    var mr = new MockRepository();

                    var mve = mr.SetupViewEngine(disposer);
                    mve.SetViewContent(
                        "ConfirmationEmail",
                        vc => vc.ViewData.Model.ConvertObjectToString("<div>{0}={1}</div>"));

                    mr.SetupHttpContext(disposer);

                    controller = mr.CreateController<AuthenticationController>(
                        setupNewDb: db2 => db2.SavingChanges += (s, e) => { hasBeenSaved = true; });
                    var practiceName = this.db.Practices.Single().UrlIdentifier;

                    controller.EmailSender = mm =>
                    {
                        // Do nothing, instead of sending a REAL e-mail.
                        // Don't need to test if this has been called... another test already does this.
                    };

                    vm = new CreateAccountViewModel
                    {
                        UserName = "******",
                        PracticeName = practiceName,
                        Password = "******",
                        ConfirmPassword = "******",
                        DateOfBirth = new DateTime(1984, 05, 04),
                        EMail = "*****@*****.**",
                        FullName = "Miguel Angelo Santos Bicudo",
                        Gender = (short)TypeGender.Male,
                    };
                    Mvc3TestHelper.SetModelStateErrors(controller, vm);
                }
                catch (Exception ex)
                {
                    InconclusiveInit(ex);
                    return;
                }

                // Creating a new user without an e-mail.
                // This must be ok, no exceptions, no validation errors.
                ActionResult actionResult;

                {
                    actionResult = controller.CreateAccount(vm);
                }

                // Assertions.
                Assert.IsNotNull(actionResult, "The result of the controller method is null.");
                Assert.IsInstanceOfType(actionResult, typeof(ViewResult));
                var viewResult = (ViewResult)actionResult;
                Assert.AreEqual(viewResult.ViewName, "");
                Assert.IsFalse(controller.ModelState.IsValid, "ModelState should not be valid.");
                Assert.AreEqual(1, controller.ModelState.GetAllErrors().Count, "ModelState should contain one validation message.");
                Assert.IsTrue(
                    controller.ModelState.ContainsKey("PracticeName"),
                    "ModelState must contain validation message for 'PracticeName'.");
                Assert.IsFalse(hasBeenSaved, "The database has been changed. This was not supposed to happen.");
            }
        }
        public void ResetPasswordRequest_HappyPath()
        {
            using (var disposer = new Disposer())
            {
                AuthenticationController controller;
                var utcNow = new DateTime(2012, 10, 22, 23, 30, 0, DateTimeKind.Utc);
                var hasBeenSaved = false;
                var wasEmailSent = false;

                User user;
                string emailToken = null;
                string emailBody = null;
                string emailToAddress = null;
                string emailSubject = null;
                try
                {
                    user = this.db.Users.Single(x => x.UserName == "andrerpena");

                    var mr = new MockRepository();

                    var mve = mr.SetupViewEngine(disposer);
                    mve.SetViewContent(
                        "ResetPasswordEmail",
                        vc =>
                        {
                            emailToken = ((UserEmailViewModel)vc.ViewData.Model).Token;
                            return vc.ViewData.Model.ConvertObjectToString("<div>{0}={1}</div>");
                        });

                    controller = mr.CreateController<AuthenticationController>(
                        setupNewDb: db1 => { db1.SavingChanges += (s, e) => hasBeenSaved = true; });
                    controller.UtcNowGetter = () => utcNow;

                    controller.EmailSender += mm =>
                    {
                        wasEmailSent = true;
                        emailBody = mm.Body;
                        emailSubject = mm.Subject;
                        emailToAddress = mm.To.Single().Address;
                    };
                }
                catch (Exception ex)
                {
                    InconclusiveInit(ex);
                    return;
                }

                ActionResult actionResult;
                {
                    actionResult = controller.ResetPasswordRequest(
                        new IdentityViewModel
                            {
                                PracticeIdentifier = user.Practice.UrlIdentifier,
                                UserNameOrEmail = user.UserName,
                            });
                }

                using (var dbs = CreateNewCerebelloEntities())
                {
                    // Asserting.
                    Assert.IsTrue(controller.ModelState.IsValid, "ModelState is not valid.");

                    Assert.IsNotNull(actionResult);
                    Assert.IsInstanceOfType(actionResult, typeof(RedirectToRouteResult));
                    var redirectToRouteResult = (RedirectToRouteResult)actionResult;
                    Assert.AreEqual("ResetPasswordEmailSent", redirectToRouteResult.RouteValues["action"]);
                    Assert.AreEqual(null, redirectToRouteResult.RouteValues["controller"]);
                    Assert.AreEqual(null, redirectToRouteResult.RouteValues["area"]);

                    // Assert DB values.
                    Assert.IsTrue(hasBeenSaved, "The database has not been changed. This was supposed to happen.");
                    var tokenId = new TokenId(emailToken);
                    var savedToken = dbs.GLB_Token.Single(tk => tk.Id == tokenId.Id);
                    Assert.AreEqual(32, savedToken.Value.Length);
                    Assert.AreEqual(tokenId.Value, savedToken.Value);
                    Assert.AreEqual(utcNow.AddDays(30), savedToken.ExpirationDate);

                    // Assertion for email.
                    Assert.IsTrue(wasEmailSent, "E-mail was not sent, but it should.");
                    var emailViewModel = new UserEmailViewModel(user) { Token = emailToken, };
                    var emailExpected = emailViewModel.ConvertObjectToString("<div>{0}={1}</div>");
                    Assert.AreEqual(emailExpected, emailBody);
                    Assert.AreEqual("Redefinir senha da conta no Cerebello", emailSubject);
                    Assert.AreEqual("*****@*****.**", emailToAddress);
                }
            }
        }
        public void CreateAccount_WithDoctor_HappyPath()
        {
            using (var disposer = new Disposer())
            {
                AuthenticationController controller;
                var hasBeenSaved = false;
                CreateAccountViewModel vm;

                try
                {
                    var mr = new MockRepository();

                    var mve = mr.SetupViewEngine(disposer);
                    mve.SetViewContent(
                        "ConfirmationEmail",
                        vc => vc.ViewData.Model.ConvertObjectToString("<div>{0}={1}</div>"));
                    mr.SetRouteData_ControllerAndActionOnly("Home", "Index");

                    mr.SetupHttpContext(disposer);

                    controller = mr.CreateController<AuthenticationController>(
                        setupNewDb: db2 => db2.SavingChanges += (s, e) => { hasBeenSaved = true; });
                    mr.SetupUrlHelper(controller);

                    controller.EmailSender = mm =>
                    {
                        // Do nothing, instead of sending a REAL e-mail.
                        // Don't need to test if this has been called... another test already does this.
                    };

                    // Creating ViewModel, and setting the ModelState of the controller.
                    var me = Firestarter.GetMedicalEntity_Psicologia(this.db);
                    var ms = Firestarter.GetMedicalSpecialty_Psiquiatra(this.db);
                    vm = new CreateAccountViewModel
                    {
                        UserName = "******",
                        PracticeName = "consultoriodrhouse_08sd986",
                        Password = "******",
                        ConfirmPassword = "******",
                        DateOfBirth = new DateTime(1984, 05, 04),
                        EMail = "*****@*****.**",
                        FullName = "André",
                        Gender = (short)TypeGender.Male,
                        IsDoctor = true,
                        MedicCRM = "98237",
                        MedicalEntityId = me.Id,
                        MedicalSpecialtyId = ms.Id,
                        MedicalSpecialtyName = ms.Name,
                        MedicalEntityJurisdiction = (int)TypeEstadoBrasileiro.RJ,
                    };
                    Mvc3TestHelper.SetModelStateErrors(controller, vm);
                }
                catch (Exception ex)
                {
                    InconclusiveInit(ex);
                    return;
                }

                // Creating a new user without an e-mail.
                // This must be ok, no exceptions, no validation errors.
                ActionResult actionResult;

                {
                    actionResult = controller.CreateAccount(vm);
                }

                // Getting the user that was saved.
                var savedUser = this.db.Users.Single(u => u.UserName == "andré-01");

                // Assertions.
                Assert.IsNotNull(actionResult, "The result of the controller method is null.");
                Assert.IsInstanceOfType(actionResult, typeof(RedirectToRouteResult));
                var redirectResult = (RedirectToRouteResult)actionResult;
                Assert.AreEqual(redirectResult.RouteValues["action"], "CreateAccountCompleted");
                Assert.IsTrue(controller.ModelState.IsValid, "ModelState should be valid.");
                Assert.IsTrue(hasBeenSaved, "The database should be changed, but it was not.");
                Assert.AreEqual(savedUser.UserNameNormalized, "andre01");

                // Assert user is logged-in: this is already done in CreateAccount_HappyPath.

                // Assertion for email: this is already done in CreateAccount_HappyPath.
            }
        }
        public void CreateAccount_HappyPath()
        {
            using (var disposer = new Disposer())
            {
                AuthenticationController controller;
                var hasBeenSaved = false;
                CreateAccountViewModel vm;

                var wasEmailSent = false;
                string emailBody = null, emailSubject = null, emailToAddress = null;

                var utcNow = new DateTime(2012, 08, 31, 0, 0, 0, DateTimeKind.Utc);

                try
                {
                    var mr = new MockRepository();

                    var mve = mr.SetupViewEngine(disposer);
                    mve.SetViewContent(
                        "ConfirmationEmail",
                        vc => vc.ViewData.Model.ConvertObjectToString("<div>{0}={1}</div>"));
                    mr.SetRouteData_ControllerAndActionOnly("Home", "Index");

                    mr.SetupHttpContext(disposer);

                    controller = mr.CreateController<AuthenticationController>(
                        setupNewDb: db2 => db2.SavingChanges += (s, e) => { hasBeenSaved = true; });

                    controller.UtcNowGetter = () => utcNow;

                    controller.EmailSender = mm =>
                    {
                        wasEmailSent = true;
                        emailBody = mm.Body;
                        emailSubject = mm.Subject;
                        emailToAddress = mm.To.Single().Address;
                    };

                    // Creating ViewModel, and setting the ModelState of the controller.
                    vm = new CreateAccountViewModel
                    {
                        UserName = "******",
                        PracticeName = "consultoriodrhouse_08sd986",
                        Password = "******",
                        ConfirmPassword = "******",
                        DateOfBirth = new DateTime(1984, 05, 04),
                        EMail = "*****@*****.**",
                        FullName = "André",
                        Gender = (short)TypeGender.Male,
                    };
                    Mvc3TestHelper.SetModelStateErrors(controller, vm);
                }
                catch (Exception ex)
                {
                    InconclusiveInit(ex);
                    return;
                }

                // Creating a new user without an e-mail.
                // This must be ok, no exceptions, no validation errors.
                ActionResult actionResult;

                {
                    actionResult = controller.CreateAccount(vm);
                }

                // Getting the user that was saved.
                var savedUser = this.db.Users.Single(u => u.UserName == "andré-01");
                var savedToken = this.db.GLB_Token.Single();

                // Assertions.
                Assert.IsNotNull(actionResult, "The result of the controller method is null.");
                Assert.IsInstanceOfType(actionResult, typeof(RedirectToRouteResult));
                var redirectResult = (RedirectToRouteResult)actionResult;
                Assert.AreEqual(redirectResult.RouteValues["action"], "CreateAccountCompleted");
                Assert.IsTrue(controller.ModelState.IsValid, "ModelState should be valid.");
                Assert.IsTrue(hasBeenSaved, "The database should be changed, but it was not.");

                // Assert DB values.
                Assert.AreEqual(savedUser.UserNameNormalized, "andre01");
                Assert.AreEqual(32, savedToken.Value.Length);
                Assert.AreEqual(savedUser.Practice.VerificationDate, null);
                Assert.AreEqual(utcNow.AddDays(30), savedToken.ExpirationDate);
                Assert.IsTrue(savedUser.IsOwner, "Saved user should be the owner of the practice.");
                Assert.AreEqual(savedUser.Id, savedUser.Practice.OwnerId, "Saved user should be the owner of the practice.");
                Assert.IsNotNull(savedUser.Administrator, "Practice owner must be administrator.");

                // Assert user is logged-in.
                Assert.IsTrue(
                    controller.HttpContext.Response.Cookies.Keys.Cast<string>().Contains(".ASPXAUTH"),
                    "Authentication cookie should be present in the Response.");
                var authCookie = controller.HttpContext.Response.Cookies[".ASPXAUTH"];
                Assert.IsNotNull(authCookie, @"Response.Cookies["".ASPXAUTH""] must not be null.");
                var ticket = System.Web.Security.FormsAuthentication.Decrypt(authCookie.Value);
                Assert.AreEqual("andré-01", ticket.Name);
                var token = SecurityTokenHelper.FromString(ticket.UserData);
                Assert.AreEqual(savedUser.Id, token.UserData.Id);
                Assert.AreEqual("André", token.UserData.FullName);
                Assert.AreEqual("*****@*****.**", token.UserData.Email);
                Assert.AreEqual(false, token.UserData.IsUsingDefaultPassword);

                // Assertion for email.
                Assert.IsTrue(wasEmailSent, "E-mail was not sent, but it should.");
                var emailViewModel = new UserEmailViewModel(savedUser)
                {
                    Token = new TokenId(savedToken.Id, savedToken.Value).ToString(),
                };
                var emailExpected = emailViewModel.ConvertObjectToString("<div>{0}={1}</div>");
                Assert.AreEqual(emailExpected, emailBody);
                Assert.AreEqual("Bem vindo ao Cerebello! Por favor, confirme a criação de sua conta.", emailSubject);
                Assert.AreEqual("*****@*****.**", emailToAddress);
            }
        }
        public void CreateAccount_4_UserNameIsInvalid()
        {
            using (var disposer = new Disposer())
            {
                AuthenticationController controller;
                var hasBeenSaved = false;
                CreateAccountViewModel vm;
                var hasEmail = false;
                try
                {
                    var mr = new MockRepository();
                    mr.SetRouteData(typeof(AuthenticationController), "CreateAccount");

                    var mve = mr.SetupViewEngine(disposer);
                    mve.SetViewContent("ConfirmationEmail", vc => "<html>Test e-mail string.</html>");

                    controller = mr.CreateController<AuthenticationController>(
                        setupNewDb: db2 => db2.SavingChanges += (s, e) => { hasBeenSaved = true; });

                    controller.EmailSender = mm => { hasEmail = true; };

                    // Creating ViewModel, and setting the ModelState of the controller.
                    vm = new CreateAccountViewModel
                    {
                        UserName = "******", // char # is invalid
                        PracticeName = "New Practice Name 4146",
                        Password = "******",
                        ConfirmPassword = "******",
                        DateOfBirth = new DateTime(1984, 09, 01),
                        EMail = "*****@*****.**",
                        FullName = "André Rodrigues Pena",
                        Gender = (short)TypeGender.Male,
                    };
                    Mvc3TestHelper.SetModelStateErrors(controller, vm);
                }
                catch (Exception ex)
                {
                    InconclusiveInit(ex);
                    return;
                }

                // Creating a new user without an e-mail.
                // This must be ok, no exceptions, no validation errors.
                ActionResult actionResult;

                {
                    actionResult = controller.CreateAccount(vm);
                }

                // Assertions.
                Assert.IsNotNull(actionResult, "The result of the controller method is null.");
                Assert.IsInstanceOfType(actionResult, typeof(ViewResult));
                var viewResult = (ViewResult)actionResult;
                Assert.AreEqual(viewResult.ViewName, "");
                Assert.IsFalse(controller.ModelState.IsValid, "ModelState should not be valid.");
                Assert.AreEqual(1, controller.ModelState.GetAllErrors().Count, "ModelState should contain one validation message.");
                Assert.IsTrue(
                    controller.ModelState.ContainsKey("UserName"),
                    "ModelState must contain validation message for 'PracticeName'.");
                Assert.IsFalse(hasBeenSaved, "The database has been changed. This was not supposed to happen.");
                Assert.IsFalse(hasEmail, "A confirmation e-mail has been sent. This was not supposed to happen.");
            }
        }
        /// <summary>
        /// Simulates the creation of a new account,
        /// by using the real controller,
        /// and mocking everything that is of no interest.
        /// </summary>
        /// <param name="utcNow"></param>
        /// <param name="password"> </param>
        /// <param name="outToken"> </param>
        private static int CreateAccount_Helper(DateTime utcNow, out string password, out string outToken)
        {
            using (var disposer = new Disposer())
            {
                var mr = new MockRepository();

                string token = null;
                var mve = mr.SetupViewEngine(disposer);
                mve.SetViewContent(
                    "ConfirmationEmail",
                    vc =>
                    {
                        token = ((UserEmailViewModel)vc.ViewData.Model).Token;
                        return "Fake e-mail message.";
                    });

                mr.SetupHttpContext(disposer);

                var controller = mr.CreateController<AuthenticationController>();

                controller.UtcNowGetter = () => utcNow;

                controller.EmailSender = mm =>
                    {
                        // Just don't send any REAL e-mail.
                    };

                // Creating ViewModel, and setting the ModelState of the controller.
                password = "******";
                var vm = new CreateAccountViewModel
                    {
                        UserName = "******",
                        PracticeName = "consultoriodrhouse_08sd986",
                        Password = password,
                        ConfirmPassword = password,
                        DateOfBirth = new DateTime(1984, 05, 04),
                        EMail = "*****@*****.**",
                        FullName = "André",
                        Gender = (short)TypeGender.Male,
                    };
                Mvc3TestHelper.SetModelStateErrors(controller, vm);

                // Call the action on the controller to create the new account.
                // No assertions will be made to this, because this is not a test.
                // If you want to test any values, do it in a TEST METHOD.
                controller.CreateAccount(vm);

                outToken = token;

                // Getting the Id of the user that was created, and returning it.
                var authCookie = controller.HttpContext.Response.Cookies[".ASPXAUTH"];
                Assert.IsNotNull(authCookie, @"Response.Cookies["".ASPXAUTH""] must not be null.");
                var ticket = System.Web.Security.FormsAuthentication.Decrypt(authCookie.Value);
                var securityToken = SecurityTokenHelper.FromString(ticket.UserData);

                return securityToken.UserData.Id;
            }
        }
        public void CreateAccount_3_UserNameExistsInAnotherPractice_HappyPath()
        {
            using (var disposer = new Disposer())
            {
                AuthenticationController controller;
                var hasBeenSaved = false;
                CreateAccountViewModel vm;

                try
                {
                    var mr = new MockRepository();

                    var mve = mr.SetupViewEngine(disposer);
                    mve.SetViewContent(
                        "ConfirmationEmail",
                        vc => vc.ViewData.Model.ConvertObjectToString("<div>{0}={1}</div>"));
                    mr.SetRouteData_ControllerAndActionOnly("Home", "Index");

                    mr.SetupHttpContext(disposer);

                    controller = mr.CreateController<AuthenticationController>(
                        setupNewDb: db2 => db2.SavingChanges += (s, e) => { hasBeenSaved = true; });
                    var userFullName = this.db.Users.Single().Person.FullName;
                    var userName = this.db.Users.Single().UserName;

                    controller.EmailSender = mm =>
                    {
                        // Do nothing, instead of sending a REAL e-mail.
                        // Don't need to test if this has been called... another test already does this.
                    };

                    vm = new CreateAccountViewModel
                    {
                        UserName = userName,
                        PracticeName = "consultoriodrhouse_0832986",
                        Password = "******",
                        ConfirmPassword = "******",
                        DateOfBirth = new DateTime(1984, 05, 04),
                        EMail = "*****@*****.**",
                        FullName = userFullName,
                        Gender = (short)TypeGender.Male,
                    };
                    Mvc3TestHelper.SetModelStateErrors(controller, vm);
                }
                catch (Exception ex)
                {
                    InconclusiveInit(ex);
                    return;
                }

                // Creating a new user without an e-mail.
                // This must be ok, no exceptions, no validation errors.
                ActionResult actionResult;

                {
                    actionResult = controller.CreateAccount(vm);
                }

                // Assertions.
                Assert.IsNotNull(actionResult, "The result of the controller method is null.");
                Assert.IsInstanceOfType(actionResult, typeof(RedirectToRouteResult));
                var redirectResult = (RedirectToRouteResult)actionResult;
                Assert.AreEqual(redirectResult.RouteValues["action"], "CreateAccountCompleted");
                Assert.IsTrue(controller.ModelState.IsValid, "ModelState should be valid.");
                Assert.IsTrue(hasBeenSaved, "The database should be changed, but it was not.");
            }
        }