public void ActivateWithExpiredDateThrowException()
{
// Arrange
var stubUserDao = MockRepository.GenerateStub<IUserExtensionDao>();
stubUserDao.Stub(userExtDao => userExtDao.GetByKey(USER_TEST_ID)).Return(new UserExtension
{
UserId = USER_TEST_ID,
UserStatusCode =
USER_STATUS_CREATEDCODE
});
var membershipMock = MockRepository.GenerateMock<IMembership>();
membershipMock.Stub(mbs => mbs.GetUser(USER_TEST_ID)).Return(dummyMembershipUser);
accountManager.UserExtensionDao = stubUserDao;
accountManager.Membership = membershipMock;
ActivationToken token = new ActivationToken
{
UserId = USER_TEST_ID,
ExpiryDate = DateTime.Now.AddHours(-1),
TypeCode = ACTIVATION_TYPE_CODE,
Version = CURRENT_VERSION
};
string encryptedToken = accountManager.CreateActivationToken(token);
ActivationRequest validActivationRequest = new ActivationRequest
{
Answer = SECURITY_ANSWER,
SecurityQuestionId = SECURITY_QUESTION_ID,
Password = PASSWORD,
Token = encryptedToken
};
try
{
//Act
string userName = accountManager.Activate(validActivationRequest);
// Assert
Assert.Fail("An exception SRVEX30067 of type ValidationException should have been thrown");
}
catch (ValidationException ex)
{
// Assert
Assert.AreEqual(Errors.SRVEX30067.ToString(), ex.Code,
"The Validation exception is not returning the right error code");
}
}
public void ActivateWithCorrectTokenReturnTrue()
{
// Arrange
var mockUserDao = MockRepository.GenerateMock<IUserExtensionDao>();
var membershipMock = MockRepository.GenerateMock<IMembership>();
membershipMock.Stub(mbs => mbs.GetUser(USER_TEST_ID)).Return(dummyMembershipUser);
mockUserDao.Expect(userExtDao => userExtDao.Modify(Arg<UserExtension>.Is.Anything)).Return(true);
mockUserDao.Stub(userExtDao => userExtDao.GetByKey(USER_TEST_ID)).Return(new UserExtension
{
UserId = USER_TEST_ID,
UserStatusCode = USER_STATUS_CREATEDCODE
});
accountManager.UserExtensionDao = mockUserDao;
accountManager.Membership = membershipMock;
ActivationToken token = new ActivationToken
{
UserId = USER_TEST_ID,
ExpiryDate = DateTime.Now.AddDays(5),
TypeCode = ACTIVATION_TYPE_CODE,
Version = CURRENT_VERSION
};
string encryptedToken = accountManager.CreateDefaultActivationToken(USER_TEST_ID);
ActivationRequest validActivationRequest = new ActivationRequest
{
Answer = SECURITY_ANSWER,
SecurityQuestionId = SECURITY_QUESTION_ID,
Password = PASSWORD,
Token = encryptedToken
};
membershipMock.Expect(mbs => mbs.ChangePassword(dummyMembershipUser, validActivationRequest.Password)).
Return(true);
membershipMock.Expect(
mbs =>
mbs.ChangeSecurityQuestionAndAnswer(dummyMembershipUser, validActivationRequest.Password,
validActivationRequest.SecurityQuestionId.ToString(),
validActivationRequest.Answer)).Return(true);
//Act
string userName = accountManager.Activate(validActivationRequest);
//Assert
Assert.IsNotNull(userName, "Check the Activate method return a valid response.");
membershipMock.VerifyAllExpectations();
mockUserDao.VerifyAllExpectations();
}
public void ActivateWithUnknownUserThrowException()
{
// Arrange
var stubUserDao = MockRepository.GenerateStub<IUserExtensionDao>();
stubUserDao.Stub(userExtDao => userExtDao.GetByKey(USER_TEST_ID)).Return(null);
accountManager.UserExtensionDao = stubUserDao;
ActivationToken token = new ActivationToken
{
UserId = USER_TEST_ID,
ExpiryDate = DateTime.Now.AddHours(1),
TypeCode = ACTIVATION_TYPE_CODE,
Version = CURRENT_VERSION
};
string encryptedToken = accountManager.CreateDefaultActivationToken(USER_TEST_ID);
ActivationRequest validActivationRequest = new ActivationRequest
{
Answer = SECURITY_ANSWER,
SecurityQuestionId = SECURITY_QUESTION_ID,
Password = PASSWORD,
Token = encryptedToken
};
try
{
//Act
string userName = accountManager.Activate(validActivationRequest);
// Assert
Assert.Fail("An exception SRVEX30064 of type ValidationException should have been thrown");
}
catch (ValidationException ex)
{
// Assert
Assert.AreEqual(Errors.SRVEX30064.ToString(), ex.Code,
"The Validation exception is not returning the right error code");
}
}
/// <summary>
/// Activate a user based on the activation token, user extension and activation request
/// </summary>
/// <param name="userExtension">The user extension</param>
/// <param name="activationRequest">The activation request</param>
/// <returns>The activated user name</returns>
private string ActivateUser(UserExtension userExtension, ActivationRequest activationRequest, string activationType)
{
MembershipUser user = membership.GetUser(userExtension.UserId);
bool isUpdated = false;
// NOTE: This condition seems to be wrong, because the return user.UserName statement at the end of this method could be called on a potentially null object.
if (user != null)
{
using (BusinessTransaction tx = new BusinessTransaction())
{
//unlock user if user is locked
if (userExtension.UserStatusCode == UserStatusEnum.Locked.GetCode())
{
user.UnlockUser();
}
userExtension.UserStatusCode = USER_STATUS_ACTIVATED;
bool isChangePassword = membership.ChangePassword(user, activationRequest.Password);
bool isChangeQuestionAndAnswer = membership.ChangeSecurityQuestionAndAnswer(
user,
activationRequest.Password,
activationRequest.SecurityQuestionId.ToString(),
activationRequest.Answer);
isUpdated = userExtensionDao.Modify(userExtension);
if (activationType == RESETPASSWORD_TYPE_CODE)
{
userManager.RecordUserEvent(userExtension.UserId, UserEventTypesEnum.UserReActivated);
}
else if (activationType == ACTIVATION_TYPE_CODE)
{
userManager.RecordUserEvent(userExtension.UserId, UserEventTypesEnum.UserActivated);
}
if (isUpdated == false || isChangePassword == false || isChangeQuestionAndAnswer == false)
{
tx.Rollback();
}
tx.Commit();
}
}
return user.UserName;
}
/// <summary>
/// Validate an activation/reset password token
/// </summary>
/// <param name="activationRequest">Activation request</param>
/// <param name="activationType">The type of the activation (activation or reset password)</param>
/// <returns>the user extension from the decrypted token</returns>
private UserExtension ValidateToken(ActivationRequest activationRequest, out string activationType)
{
ActivationToken token = DecrypToken(activationRequest.Token);
if (token == null)
{
throw new ValidationException(ErrorFactory.CreateAndLogError(Errors.SRVEX30066, "AccountManager.ValidateToken"));
}
if (DateTime.Now > token.ExpiryDate)
{
throw new ValidationException(ErrorFactory.CreateAndLogError(Errors.SRVEX30067, "AccountManager.ValidateToken",
additionalDescriptionParameters: new object[] { token.UserId, token.ExpiryDate }));
}
UserExtension userExtension = userExtensionDao.GetByKey(token.UserId);
if (userExtension == null)
{
throw new ValidationException(ErrorFactory.CreateAndLogError(Errors.SRVEX30064, "AccountManager.ValidateToken",
additionalDescriptionParameters:
new object[] { token.UserId, token.ExpiryDate }));
}
if (token.TypeCode == ACTIVATION_TYPE_CODE && userExtension.UserStatusCode != USER_STATUS_CREATEDCODE)
{
throw new ValidationException(ErrorFactory.CreateAndLogError(Errors.SRVEX30065, "AccountManager.ValidateToken",
additionalDescriptionParameters:
new object[] { token.UserId, userExtension.UserStatusCode }));
}
activationType = token.TypeCode;
return userExtension;
}
/// <summary>
/// Validate the encrypted token
/// </summary>
/// <param name="activationRequest">Activation request</param>
/// <returns>return true if valid</returns>
public bool Validate(ActivationRequest activationRequest)
{
string activationType;
return ValidateToken(activationRequest, out activationType) != null;
}
/// <summary>
/// Activate a user based on the activation request
/// </summary>
/// <param name="activationRequest">The activation request</param>
/// <returns>The activated user name</returns>
public string Activate(ActivationRequest activationRequest)
{
string activationType;
UserExtension userExtension = ValidateToken(activationRequest, out activationType);
if (userExtension != null)
{
return ActivateUser(userExtension, activationRequest, activationType);
}
return null;
}
