Exemplo n.º 1
		/// <summary>
		/// Checks that a password change for <c>CurrentUserLogin</c> is refused when
		/// the supplied old password does not verify: the old password must be
		/// checked, and neither the password change nor the commit may happen.
		/// </summary>
		public void changePassword_post_currentUser_should_not_allow_change_pass_if_oldPassword_is_not_valid()
		{
			// Arrange: every old-password verification fails, whatever the arguments.
			UsersManagement.CheckUserPassword(Arg.Any<string>(), Arg.Any<string>()).Returns(false);
			const string suppliedOldPassword = "******";
			var request = new UserChangePasswordViewModel
			{
				LoginName = CurrentUserLogin,
				OldPassword = suppliedOldPassword,
				NewPassword = "******",
				ConfirmPassword = "******"
			};
			// Kept after the stub above, as in the original; presumably sets up the
			// current user with the Appraiser role.
			InitTestUsers(RoleType.Appraiser);

			// Act
			Target.ChangePassword(request, ButtonTypes.Save);

			// Assert: the old password was verified for the current login ...
			UsersManagement.Received().CheckUserPassword(CurrentUserLogin, suppliedOldPassword);
			// ... and nothing was changed or committed after the failed check.
			UsersManagement.DidNotReceiveWithAnyArgs().ChangePassword(Arg.Any<string>(), Arg.Any<int>(), Arg.Any<string>());
			Target.CommitProviderInstance.DidNotReceiveWithAnyArgs().Commit();
		}
Exemplo n.º 2
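		/// <summary>
		/// Handles the change-password form post. When the Save button was pressed it
		/// validates the request, checks that the caller may change the password of
		/// <c>model.LoginName</c>, verifies the old password when the caller changes
		/// their own password, then changes the password, clears the failed-attempt
		/// state and commits.
		/// </summary>
		/// <param name="model">Posted form data: target login, old password, new password and its confirmation.</param>
		/// <param name="pressedButtonType">Button that submitted the form; only <c>ButtonTypes.Save</c> triggers a change.</param>
		/// <returns>
		/// The change-password partial view with the password fields cleared when a
		/// check fails; <c>Constants.Json.Default</c> after a successful change or
		/// when a button other than Save was pressed.
		/// </returns>
		public ActionResult ChangePassword(UserChangePasswordViewModel model, ButtonTypes pressedButtonType)
		{
			if (pressedButtonType != ButtonTypes.Save)
				return Constants.Json.Default;

			if (string.IsNullOrEmpty(model.LoginName))
			{
				ModelState.AddModelError("incorrectUserPassword", "You have no permissions to change password.");
				return PartialView(Constants.Views.UserChangePassword, model.ClearPasswords());
			}

			// A missing NewPassword is rejected like a mismatch instead of throwing a
			// NullReferenceException on the comparison.
			if (!ModelState.IsValidField("NewPassword") ||
				!ModelState.IsValidField("ConfirmPassword") ||
				model.NewPassword == null ||
				!string.Equals(model.NewPassword, model.ConfirmPassword, StringComparison.Ordinal))
				return PartialView(Constants.Views.UserChangePassword, model.ClearPasswords());

			// Authorization: the caller must be allowed to change this account's password.
			if (!_appraiserAccessManager.CanChangePasswordForUser(model.LoginName))
			{
				ModelState.AddModelError("incorrectUserPassword", "You have no permissions to change password.");
				return PartialView(Constants.Views.UserChangePassword, model.ClearPasswords());
			}

			// Decide "own account" once, with an ordinal case-insensitive comparison.
			// The old-password check and the notification below must agree on it; a
			// culture-sensitive ToLower() comparison can give a different answer for
			// the same pair of logins.
			bool isOwnAccount = model.LoginName.Equals(User.Identity.Name, StringComparison.OrdinalIgnoreCase);

			if (isOwnAccount)
			{
				// NOTE(review): a wrong old password is not counted as a failed attempt
				// here; confirm that CheckUserPassword does so.
				if (!_userManagement.CheckUserPassword(model.LoginName, model.OldPassword))
					ModelState.AddModelError("OldPassword", "Incorrect old password");
			}
			else
			{
				// Changing another account does not require the old password, so its
				// validation errors are dropped. The entry may be absent when the
				// field was never bound.
				var oldPasswordState = ModelState["OldPassword"];
				if (oldPasswordState != null)
					oldPasswordState.Errors.Clear();
			}

			if (!ModelState.IsValid)
				return PartialView(Constants.Views.UserChangePassword, model.ClearPasswords());

			var user = _userManagement.GetByEmail(model.LoginName);
			if (user == null)
			{
				// Same generic message as the permission failure, so the response
				// does not reveal whether the account exists.
				ModelState.AddModelError("incorrectUserPassword", "You have no permissions to change password.");
				return PartialView(Constants.Views.UserChangePassword, model.ClearPasswords());
			}

			_userManagement.ChangePassword(model.LoginName, user.Id, model.NewPassword);
			_userManagement.ClearFailedAttempt(model.LoginName);

			if (!isOwnAccount)
			{
				// NOTE(review): the new password is handed to the notification task in
				// clear text. If it ends up in an e-mail or a persisted job, the
				// credential is exposed there; confirm, and prefer a notice that does
				// not carry the secret.
				_taskManager.ScheduleChangePasswordNotification(model.LoginName, model.NewPassword);
			}
			CommitProviderInstance.Commit();

			return Constants.Json.Default;
		}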
Exemplo n.º 3
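		/// <summary>
		/// Checks that the action stops before any old-password verification,
		/// password change or commit when the new password and its confirmation
		/// differ.
		/// </summary>
		public void changePassword_post_should_not_allow_change_pass_if_newpass_is_not_confirmed()
		{
			// The old-password check is made to succeed, so only the confirmation
			// mismatch can be what blocks the change.
			UsersManagement.CheckUserPassword(Arg.Any<string>(), Arg.Any<string>()).Returns(true);
			var viewModel = new UserChangePasswordViewModel()
			{
				LoginName = CurrentUserLogin,
				OldPassword = "******",
				NewPassword = "******",
				// Constructed sample value. It must differ from NewPassword; with two
				// identical literals the mismatch branch this test is named for is
				// never reached.
				ConfirmPassword = "******-constructed-mismatch"
			};

			Target.ChangePassword(viewModel, ButtonTypes.Save);

			// The mismatch must be rejected before the old password is even checked.
			UsersManagement.DidNotReceiveWithAnyArgs().CheckUserPassword(Arg.Any<string>(), Arg.Any<string>());
			UsersManagement.DidNotReceiveWithAnyArgs().ChangePassword(Arg.Any<string>(), Arg.Any<int>(), Arg.Any<string>());
			Target.CommitProviderInstance.DidNotReceiveWithAnyArgs().Commit();
		}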
Exemplo n.º 4
		/// <summary>
		/// Checks that a caller set up as <c>RoleType.CompanyAdminAndAppraiser</c>
		/// cannot change the password of an account holding the
		/// <c>DvsSuperAdmin</c> or <c>DvsAdmin</c> role: for each target role no
		/// password change and no commit may happen.
		/// </summary>
		public void changePassword_post_AppraisalCompanyAdminAndAppraiser_cannot_change_pass_for_DvsUsers()
		{
			const int targetUserId = 33;
			var request = new UserChangePasswordViewModel
			{
				LoginName = "*****@*****.**",
				OldPassword = "******",
				NewPassword = "******",
				ConfirmPassword = "******"
			};
			InitTestUsers(RoleType.CompanyAdminAndAppraiser);

			// Same scenario twice, once per protected role, in the original order.
			foreach (var protectedRole in new[] { RoleType.DvsSuperAdmin, RoleType.DvsAdmin })
			{
				// The lookup for the target login returns an account in that role.
				UsersManagement.GetByEmail(request.LoginName).Returns(
					new User
					{
						Roles = new[] { new Role { Id = (int)protectedRole } },
						Id = targetUserId
					});

				Target.ChangePassword(request, ButtonTypes.Save);

				// Privilege boundary: nothing may be changed or committed.
				UsersManagement.DidNotReceiveWithAnyArgs().ChangePassword(request.LoginName, targetUserId, request.NewPassword);
				Target.CommitProviderInstance.DidNotReceiveWithAnyArgs().Commit();
			}
		}
Exemplo n.º 5
		/// <summary>
		/// Checks that a caller set up as <c>RoleType.Appraiser</c> cannot change
		/// the password of another account, whatever role that account holds:
		/// every value of <c>RoleType</c> is tried as the target's role.
		/// </summary>
		public void changePassword_post_Appraiser_cannt_change_pass_for_other_user()
		{
			var request = new UserChangePasswordViewModel
			{
				LoginName = "*****@*****.**",
				OldPassword = "******",
				NewPassword = "******",
				ConfirmPassword = "******"
			};

			foreach (RoleType targetRole in Enum.GetValues(typeof(RoleType)))
			{
				// Re-initialised on every pass, as in the original.
				InitTestUsers(RoleType.Appraiser);

				var targetAccount = new User
				{
					Roles = new[] { new Role { Id = (int)targetRole } }
				};
				UsersManagement.GetByEmail(request.LoginName).Returns(targetAccount);

				Target.ChangePassword(request, ButtonTypes.Save);

				// No password change and no commit for any target role.
				UsersManagement.DidNotReceiveWithAnyArgs().ChangePassword(Arg.Any<string>(), Arg.Any<int>(), Arg.Any<string>());
				Target.CommitProviderInstance.DidNotReceiveWithAnyArgs().Commit();
			}
		}
Exemplo n.º 6
		/// <summary>
		/// Checks that a company administrator cannot change the password of an
		/// appraiser who belongs to a different company. The scenario runs first
		/// with the caller set up as <c>AppraisalCompanyAdmin</c>, then as
		/// <c>CompanyAdminAndAppraiser</c>; in both cases nothing may be changed
		/// or committed.
		/// </summary>
		public void changePassword_post_AppraisalCompanyAdmin_cannot_change_pass_for_other_company()
		{
			const int targetUserId = 32;
			var request = new UserChangePasswordViewModel
			{
				LoginName = "*****@*****.**",
				OldPassword = "******",
				NewPassword = "******",
				ConfirmPassword = "******"
			};

			InitTestUsers(RoleType.AppraisalCompanyAdmin);

			// The target account is an appraiser.
			UsersManagement.GetByEmail(request.LoginName).Returns(
				new User
				{
					Email = request.LoginName,
					Roles = new[] { new Role { Id = (int)RoleType.Appraiser } },
					Id = targetUserId
				});

			// Caller and target are placed in different companies ("AAA" and "BBB").
			var callerProfile = new AppraiserUser
			{
				Company = new Model.Entities.AppraisalCompany.AppraisalCompanyDetail { CompanyId = "AAA" }
			};
			AppraiserManager.GetByEmail(CurrentUserLogin).Returns(callerProfile);
			var targetProfile = new AppraiserUser
			{
				Company = new Model.Entities.AppraisalCompany.AppraisalCompanyDetail { CompanyId = "BBB" }
			};
			AppraiserManager.GetByEmail(request.LoginName).Returns(targetProfile);

			// First pass: caller initialised as AppraisalCompanyAdmin.
			Target.ChangePassword(request, ButtonTypes.Save);

			UsersManagement.DidNotReceiveWithAnyArgs().ChangePassword(request.LoginName, targetUserId, request.NewPassword);
			Target.CommitProviderInstance.DidNotReceiveWithAnyArgs().Commit();

			// Second pass: caller initialised as CompanyAdminAndAppraiser.
			InitTestUsers(RoleType.CompanyAdminAndAppraiser);
			Target.ChangePassword(request, ButtonTypes.Save);

			UsersManagement.DidNotReceiveWithAnyArgs().ChangePassword(request.LoginName, targetUserId, request.NewPassword);
			Target.CommitProviderInstance.DidNotReceiveWithAnyArgs().Commit();
		}
Exemplo n.º 7
		/// <summary>
		/// Checks that a caller set up as <c>RoleType.DvsSuperAdmin</c> can change
		/// the password of another account: the change must be issued for the
		/// target login and id, and the commit must happen.
		/// </summary>
		public void changePassword_post_SuperDVSAdmin_can_change_pass_for_other_user()
		{
			const int targetUserId = 12;
			var request = new UserChangePasswordViewModel
			{
				LoginName = "*****@*****.**",
				OldPassword = "******",
				NewPassword = "******",
				ConfirmPassword = "******"
			};
			InitTestUsers(RoleType.DvsSuperAdmin);

			// No CheckUserPassword stub is configured here; the test presumably
			// relies on the old password not being required for another account.
			var targetAccount = new User
			{
				Roles = new[] { new Role { Id = (int)RoleType.DvsSuperAdmin } },
				Id = targetUserId
			};
			UsersManagement.GetByEmail(request.LoginName).Returns(targetAccount);

			Target.ChangePassword(request, ButtonTypes.Save);

			// The change was issued for exactly this login, id and new password.
			UsersManagement.Received().ChangePassword(request.LoginName, targetUserId, request.NewPassword);
			Target.CommitProviderInstance.Received().Commit();
		}
Exemplo n.º 8
		/// <summary>
		/// Checks that a caller can change the password of <c>CurrentUserLogin</c>
		/// when the old password verifies: the old password is checked, the change
		/// is issued for that login, and the commit happens.
		/// </summary>
		public void changePassword_post_should_allow_change_pass_if_for_current_user()
		{
			// Arrange: every old-password verification succeeds.
			UsersManagement.CheckUserPassword(Arg.Any<string>(), Arg.Any<string>()).Returns(true);
			var request = new UserChangePasswordViewModel
			{
				LoginName = CurrentUserLogin,
				OldPassword = "******",
				NewPassword = "******",
				ConfirmPassword = "******"
			};
			// Kept after the stub and the model, as in the original.
			InitTestUsers(RoleType.Appraiser);

			// Act
			Target.ChangePassword(request, ButtonTypes.Save);

			// Assert: the old password was verified before the change ...
			UsersManagement.Received().CheckUserPassword(CurrentUserLogin, request.OldPassword);
			// ... the change targets the current login (any user id) ...
			UsersManagement.Received().ChangePassword(CurrentUserLogin, Arg.Any<int>(), request.NewPassword);
			// ... and the work was committed.
			Target.CommitProviderInstance.ReceivedWithAnyArgs().Commit();
		}