public void Cannot_delete_brand_ip_regulation_with_invalid_brand()
{
/*** Arrange ***/
var licensee = BrandTestHelper.CreateLicensee();
var brand = BrandTestHelper.CreateBrand(licensee, isActive: true);
SecurityTestHelper.CreateBrand(brand.Id, brand.LicenseeId, brand.TimezoneId);
var ipAddress = TestDataGenerator.GetRandomIpAddress();
var data = new AddBrandIpRegulationData
{
IpAddress = ipAddress,
BrandId = brand.Id,
LicenseeId = licensee.Id,
BlockingType = IpRegulationConstants.BlockingTypes.Redirection,
RedirectionUrl = "google.com"
};
_brandService.CreateIpRegulation(data);
var regulation = _brandService.GetIpRegulations().SingleOrDefault(ip => ip.IpAddress == ipAddress);
LogWithNewAdmin(Modules.BrandIpRegulationManager, Permissions.Delete);
/*** Act ***/
Assert.NotNull(regulation);
Assert.Throws <InsufficientPermissionsException>(() => _brandService.DeleteIpRegulation(regulation.Id));
}
public void Allow_access_to_brand_website_for_ip_address_specified_in_ipv4_format()
{
// *** Arrange ***
var ipAddressv4 = TestDataGenerator.GetRandomIpAddress(IpVersion.Ipv4);
const string redirectionUrl = "google.com";
if (Brand == null)
{
//Assert.Fail throws the exception for NUnit framework, so execution of the test stops
Assert.Fail("Brand not found");
}
var brandIpRegulationData = new AddBrandIpRegulationData
{
IpAddress = ipAddressv4,
BrandId = Brand.Id,
// Ip address is blocked with redirection to specified Url
BlockingType = IpRegulationConstants.BlockingTypes.Redirection,
RedirectionUrl = redirectionUrl
};
_brandService.CreateIpRegulation(brandIpRegulationData);
var ipAddressNotInBlackList = TestDataGenerator.GetRandomIpAddress(IpVersion.Ipv4);
// *** Act ***
var verificationResult = _brandService.VerifyIpAddress(ipAddressNotInBlackList, Brand.Id);
// *** Assert ***
Assert.True(verificationResult.Allowed);
}
public void Cannot_update_brand_ip_regulation_with_invalid_brand()
{
/*** Arrange ***/
var licensee = BrandTestHelper.CreateLicensee();
var brand = BrandTestHelper.CreateBrand(licensee, isActive: true);
SecurityTestHelper.CreateBrand(brand.Id, brand.LicenseeId, brand.TimezoneId);
var addBrandIpRegulationData = new AddBrandIpRegulationData
{
IpAddress = TestDataGenerator.GetRandomIpAddress(),
BrandId = brand.Id,
LicenseeId = licensee.Id,
BlockingType = IpRegulationConstants.BlockingTypes.Redirection,
RedirectionUrl = "google.com"
};
_brandService.CreateIpRegulation(addBrandIpRegulationData);
var editBrandIpRegulationData = Mapper.DynamicMap <EditBrandIpRegulationData>(addBrandIpRegulationData);
LogWithNewAdmin(Modules.BrandIpRegulationManager, Permissions.Update);
/*** Act ***/
Assert.Throws <InsufficientPermissionsException>(() => _brandService.UpdateIpRegulation(editBrandIpRegulationData));
}
public void Can_verify_unique_ip_address_for_brand_website()
{
// *** Arrange ***
const string ipAddressRange = "192.168.5.10-20";
var brandIpRegulation = new AddBrandIpRegulationData
{
IpAddress = ipAddressRange,
BrandId = Brand.Id
};
_brandService.CreateIpRegulation(brandIpRegulation);
// *** Act ***
var isIpAddressWithinRegulationRange = _brandService.IsIpAddressUnique("192.168.5.15");
var isIpAddressOutOfRegulationRange = _brandService.IsIpAddressUnique("192.168.5.52");
var isIpAddressRangeIntersectRegulationRange = _brandService.IsIpAddressUnique("192.168.5.15-25");
var isIpAddressRangeDontIntersectRegulationRange = _brandService.IsIpAddressUnique("192.168.5.25-30");
// *** Assert ***
Assert.False(isIpAddressWithinRegulationRange);
Assert.True(isIpAddressOutOfRegulationRange);
Assert.False(isIpAddressRangeIntersectRegulationRange);
Assert.True(isIpAddressRangeDontIntersectRegulationRange);
}
public void Can_delete_brand_ip_regulation()
{
/*** Arrange ***/
var ipAddress = TestDataGenerator.GetRandomIpAddress();
const string redirectionUrl = "google.com";
var brandIpRegulation = new AddBrandIpRegulationData
{
IpAddress = ipAddress,
BrandId = Brand.Id,
// Ip address is blocked with redirection to specified Url
BlockingType = IpRegulationConstants.BlockingTypes.Redirection,
RedirectionUrl = redirectionUrl
};
_brandService.CreateIpRegulation(brandIpRegulation);
var regulation = _brandService.GetIpRegulations().SingleOrDefault(ip => ip.IpAddress == ipAddress);
/*** Act ***/
_brandService.DeleteIpRegulation(regulation.Id);
/*** Assert ***/
var deletedRegulation = _brandService.GetIpRegulations().SingleOrDefault(ip => ip.IpAddress == ipAddress);
Assert.IsNull(deletedRegulation);
}
public void Cannot_delete_brand_ip_regulation_without_permissions()
{
/*** Arrange ***/
// Create role and user that has permission to delete IP regulation
var sufficientPermissions = new List <PermissionData>
{
SecurityTestHelper.GetPermission(Permissions.Delete, Modules.BrandIpRegulationManager)
};
var roleWithPermission = SecurityTestHelper.CreateRole(permissions: sufficientPermissions);
var userWithPermission = SecurityTestHelper.CreateAdmin(roleId: roleWithPermission.Id);
// Create role and user that has permission only to view IP regulations not to delete ones
var insufficientPermissions = new List <PermissionData>
{
SecurityTestHelper.GetPermission(Permissions.View, Modules.BrandIpRegulationManager)
};
var roleWithoutPermission = SecurityTestHelper.CreateRole(permissions: insufficientPermissions);
var userWithoutPermission = SecurityTestHelper.CreateAdmin(roleId: roleWithoutPermission.Id);
var ipAddress = TestDataGenerator.GetRandomIpAddress();
const string redirectionUrl = "google.com";
var brandIpRegulation = new AddBrandIpRegulationData
{
IpAddress = ipAddress,
BrandId = Brand.Id,
// Ip address is blocked with redirection to specified Url
BlockingType = IpRegulationConstants.BlockingTypes.Redirection,
RedirectionUrl = redirectionUrl
};
_brandService.CreateIpRegulation(brandIpRegulation);
var regulation = _brandService.GetIpRegulations().SingleOrDefault(ip => ip.IpAddress == ipAddress);
/*** Act ***/
// Signin user that has sufficient permissions to delete backend IP regulation
SecurityTestHelper.SignInAdmin(userWithPermission);
// Check that method DeleteIpRegulation doesn't throw InsufficientPermissionsException
Assert.DoesNotThrow(
() => _brandService.DeleteIpRegulation(regulation.Id));
// Signin user that has insufficient permissions to delete backend IP regulation
SecurityTestHelper.SignInAdmin(userWithoutPermission);
// Check that method DeleteIpRegulation throws InsufficientPermissionsException
Assert.Throws <InsufficientPermissionsException>(
() => _brandService.DeleteIpRegulation(regulation.Id));
}
public void Block_brand_website_for_ip_address_ranges_specified_with_dashes()
{
// *** Arrange ***
var ipAddressRangeWithDash = TestDataGenerator.GetRandomIpAddressV4Range(IpAddressRangeSeparators.Dash);
const string redirectionUrl = "google.com";
if (Brand == null)
{
//Assert.Fail throws the exception for NUnit framework, so execution of the test stops
Assert.Fail("Brand not found");
}
var brandIpRegulation = new AddBrandIpRegulationData
{
IpAddress = ipAddressRangeWithDash,
BrandId = Brand.Id,
// Ip address is blocked with redirection to specified Url
BlockingType = IpRegulationConstants.BlockingTypes.Redirection,
RedirectionUrl = redirectionUrl
};
_brandService.CreateIpRegulation(brandIpRegulation);
// Expand ip address range into list of ip addresses, e.g. 192.168.5.10/12 is expanded into [192.168.5.10, 192.168.5.11]
var expandedIpAddressRange = IpRegulationRangeHelper.ExpandIpAddressRange(ipAddressRangeWithDash).ToList();
// *** Act ***
var ipAddressRangeVerificationResults =
expandedIpAddressRange.Select(address => _brandService.VerifyIpAddress(address, Brand.Id)).ToList();
// *** Assert ***
var isIpAddressRangeBlocked = ipAddressRangeVerificationResults
.Aggregate(false, (current, result) => current || !result.Allowed);
var isIpRegulationBlockingTypeSetToRedirection = ipAddressRangeVerificationResults
.Aggregate(true, (current, result) => current &&
result.BlockingType == IpRegulationConstants.BlockingTypes.Redirection);
var isIpRegulationRedirectionUrlSetToDefinedUrl = ipAddressRangeVerificationResults
.Aggregate(true, (current, result) => current &&
result.RedirectionUrl == redirectionUrl);
Assert.True(isIpAddressRangeBlocked);
Assert.True(isIpRegulationBlockingTypeSetToRedirection);
Assert.True(isIpRegulationRedirectionUrlSetToDefinedUrl);
}
public void Can_update_brand_ip_regulation()
{
/*** Arrange ***/
var ipAddress = TestDataGenerator.GetRandomIpAddress();
const string redirectionUrl = "google.com";
var brandIpRegulation = new AddBrandIpRegulationData
{
IpAddress = ipAddress,
BrandId = Brand.Id,
LicenseeId = Brand.LicenseeId,
// Ip address is blocked with redirection to specified Url
BlockingType = IpRegulationConstants.BlockingTypes.Redirection,
RedirectionUrl = redirectionUrl
};
_brandService.CreateIpRegulation(brandIpRegulation);
var regulation = _brandService.GetIpRegulations().SingleOrDefault(ip => ip.IpAddress == ipAddress);
var editIpAddress = TestDataGenerator.GetRandomIpAddress();
var editDescription = TestDataGenerator.GetRandomString(20);
var editData = new EditBrandIpRegulationData
{
Id = regulation.Id,
LicenseeId = Brand.LicenseeId,
BrandId = Brand.Id,
IpAddress = editIpAddress,
Description = editDescription,
BlockingType = IpRegulationConstants.BlockingTypes.LoginRegistration
};
/*** Act ***/
_brandService.UpdateIpRegulation(editData);
/*** Assert ***/
var updatedRegulation = _brandService.GetIpRegulations().SingleOrDefault(ip => ip.IpAddress == editIpAddress);
Assert.IsNotNull(updatedRegulation);
Assert.AreEqual(updatedRegulation.IpAddress, editIpAddress);
Assert.AreEqual(updatedRegulation.Description, editDescription);
Assert.AreEqual(updatedRegulation.BlockingType, IpRegulationConstants.BlockingTypes.LoginRegistration);
}
public void Can_verify_ip_address_range_lower_and_upper_bounds_for_brand_website()
{
// *** Arrange ***
const string ipAddressRange = "192.168.5.10-20";
var brandIpRegulation = new AddBrandIpRegulationData
{
IpAddress = ipAddressRange,
BrandId = Brand.Id
};
_brandService.CreateIpRegulation(brandIpRegulation);
// *** Act ***
var isLowerBoundBlocked = !_brandService.VerifyIpAddress("192.168.5.10").Allowed;
var isUpperBoundBlocked = !_brandService.VerifyIpAddress("192.168.5.20").Allowed;
// *** Assert ***
Assert.True(isLowerBoundBlocked);
Assert.True(isUpperBoundBlocked);
}
public void WhenNewBrandIpRegulationIsCreated()
{
ScenarioContext.Current.Should().ContainKey("brandId");
var brandId = ScenarioContext.Current.Get <Guid>("brandId");
ScenarioContext.Current.Should().ContainKey("licenseeId");
var licenseeId = ScenarioContext.Current.Get <Guid>("licenseeId");
var data = new AddBrandIpRegulationData
{
IpAddress = TestDataGenerator.GetRandomIpAddress(),
BrandId = brandId,
LicenseeId = licenseeId,
BlockingType = IpRegulationConstants.BlockingTypes.Redirection,
RedirectionUrl = "google.com"
};
var brandIpRegulation = BrandIpRegulationService.CreateIpRegulation(data);
ScenarioContext.Current.Add("brandIpRegulationId", brandIpRegulation.Id);
}
public BrandIpRegulation CreateBrandIpRegulation(string ipAddress, string brandName,
string redirectUrl = null, string blockingType = null)
{
var brand = _brandQueries.GetBrands().SingleOrDefault(b => b.Name == brandName);
if (brand == null)
{
throw new RegoValidationException(SecurityErrorCodes.InvalidBrandCode.ToString());
}
var addIpRegulationData = new AddBrandIpRegulationData
{
IpAddress = ipAddress,
LicenseeId = brand.LicenseeId,
BrandId = brand.Id,
RedirectionUrl = redirectUrl,
BlockingType = blockingType
};
return(_brandIpRegulationService.CreateIpRegulation(addIpRegulationData));
}
public void ThenNewBrandIpRegulationIsSuccessfullyCreated()
{
ScenarioContext.Current.Should().ContainKey("brandId");
var brandId = ScenarioContext.Current.Get <Guid>("brandId");
ScenarioContext.Current.Should().ContainKey("licenseeId");
var licenseeId = ScenarioContext.Current.Get <Guid>("licenseeId");
var data = new AddBrandIpRegulationData
{
BrandId = brandId,
LicenseeId = licenseeId,
IpAddress = TestDataGenerator.GetRandomIpAddress(),
Description = TestDataGenerator.GetRandomString(),
AssignedBrands = new [] { brandId }
};
var result = AdminApiProxy.CreateIpRegulationInBrandIpRegulations(data);
result.Should().NotBeNull();
result.StatusCode.ShouldBeEquivalentTo(HttpStatusCode.OK);
}
public void Block_brand_website_for_ip_address_specified_in_ipv6_format()
{
// *** Arrange ***
var ipAddressv6 = TestDataGenerator.GetRandomIpAddress(IpVersion.Ipv6);
const string redirectionUrl = "google.com";
if (Brand == null)
{
//Assert.Fail throws the exception for NUnit framework, so execution of the test stops
Assert.Fail("Brand not found");
}
var brandIpRegulation = new AddBrandIpRegulationData
{
IpAddress = ipAddressv6,
BrandId = Brand.Id,
// Ip address is blocked with redirection to specified Url
BlockingType = IpRegulationConstants.BlockingTypes.Redirection,
RedirectionUrl = redirectionUrl
};
_brandService.CreateIpRegulation(brandIpRegulation);
// *** Act ***
var verificationResult = _brandService.VerifyIpAddress(ipAddressv6, Brand.Id);
// *** Assert ***
var isIpAddressv6Blocked = !verificationResult.Allowed;
var isIpRegulationBlockingTypeSetToRedirection = verificationResult.BlockingType ==
IpRegulationConstants.BlockingTypes.Redirection;
var isIpRegulationRedirectionUrlSetToDefinedUrl = verificationResult.RedirectionUrl == redirectionUrl;
Assert.True(isIpAddressv6Blocked);
Assert.True(isIpRegulationBlockingTypeSetToRedirection);
Assert.True(isIpRegulationRedirectionUrlSetToDefinedUrl);
}
public BrandIpRegulation CreateIpRegulation(AddBrandIpRegulationData data)
{
var regulation = Mapper.DynamicMap <BrandIpRegulation>(data);
var brand = Repository.Brands.Single(x => x.Id == data.BrandId);
using (var scope = CustomTransactionScope.GetTransactionScope())
{
regulation.Id = Guid.NewGuid();
regulation.CreatedBy = Repository.Admins.SingleOrDefault(u => u.Id == ActorInfoProvider.Actor.Id);
regulation.CreatedDate = DateTimeOffset.Now.ToBrandOffset(brand.TimeZoneId);
Repository.BrandIpRegulations.Add(regulation);
Repository.SaveChanges();
_eventBus.Publish(new BrandIpRegulationCreated(regulation)
{
EventCreated = DateTimeOffset.Now.ToBrandOffset(brand.TimeZoneId),
});
scope.Complete();
}
return(regulation);
}
public ValidationResult ValidateAddBrandData(AddBrandIpRegulationData data)
{
var validator = new AddBrandIpRegulationValidator();
return(validator.Validate(data));
}
public HttpResponseMessage CreateIpRegulationInBrandIpRegulations(AddBrandIpRegulationData request)
{
return(WebClient.SecurePostAsJson <AddBrandIpRegulationData, HttpResponseMessage>(Token, _url + AdminApiRoutes.CreateIpRegulationInBrandIpRegulations, request));
}
