public async Task GetProfileByPhone_Success(DataFormat format)
{
var container = TestContainerBuilder.GetContainer(builder =>
builder.RegisterType <SymmetricKeyTokenGenerator>().As <ITokenGenerator>().SingleInstance());
var bootstrapper = new Domain0Bootstrapper(container);
var browser = new Browser(bootstrapper);
var phone = 79000000000;
var userId = 1;
var accessToken = TestContainerBuilder.BuildToken(container, userId, TokenClaims.CLAIM_PERMISSIONS_VIEW_USERS);
var accountMock = Mock.Get(container.Resolve <IAccountRepository>());
accountMock.Setup(a => a.FindByPhone(phone)).ReturnsAsync(new Account {
Id = userId, Phone = phone
});
var response = await browser.Get(UsersModule.GetUserByPhoneUrl.Replace("{phone}", phone.ToString()), with =>
{
with.Accept(format);
with.Header("Authorization", $"Bearer {accessToken}");
});
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
var result = response.Body.AsDataFormat <UserProfile>(format);
Assert.Equal(userId, result.Id);
Assert.Equal(phone.ToString(), result.Phone);
}
public async Task Login_Negative(DataFormat format)
{
var container = TestContainerBuilder.GetContainer();
var bootstrapper = new Domain0Bootstrapper(container);
var browser = new Browser(bootstrapper);
var user = "******";
var password = "******";
var ldapMock = Mock.Get(container.Resolve <ILdapClient>());
ldapMock.Setup(c => c.Authorize(user, password))
.Returns(Task.FromResult((LdapUser)null));
var response = await browser.Post(LdapModule.LoginByDomainUserUrl, with =>
{
with.Accept(format);
with.DataFormatBody(format, new ActiveDirectoryUserLoginRequest {
UserName = user, Password = password
});
});
Assert.Equal(HttpStatusCode.BadRequest, response.StatusCode);
ldapMock.Verify(l => l.Authorize(user, password));
}
public async Task GetProfilesByFilter_BadRequest(DataFormat format)
{
var container = TestContainerBuilder.GetContainer(builder =>
builder.RegisterType <SymmetricKeyTokenGenerator>().As <ITokenGenerator>().SingleInstance());
var bootstrapper = new Domain0Bootstrapper(container);
var browser = new Browser(bootstrapper);
var userId = 1;
var accessToken = TestContainerBuilder.BuildToken(container, userId, TokenClaims.CLAIM_PERMISSIONS_VIEW_PROFILE);
var accountMock = Mock.Get(container.Resolve <IAccountRepository>());
accountMock.Setup(a => a.FindByUserIds(It.IsAny <IEnumerable <int> >())).Returns <IEnumerable <int> >(ids => Task.FromResult(ids.Select(id => new Account {
Id = id
}).ToArray()));
var response = await browser.Post(UsersModule.GetUsersByFilterUrl, with =>
{
with.Accept(format);
with.Header("Authorization", $"Bearer {accessToken}");
with.JsonBody("{userIds:['qwe','rty']}");
});
Assert.Equal(HttpStatusCode.BadRequest, response.StatusCode);
}
public async Task UpdateUser_Success(DataFormat format)
{
var container = TestContainerBuilder.GetContainer(builder =>
builder.RegisterType <SymmetricKeyTokenGenerator>().As <ITokenGenerator>().SingleInstance());
var bootstrapper = new Domain0Bootstrapper(container);
var browser = new Browser(bootstrapper);
var userUpdate = new UserProfile
{
Id = 343,
Description = "newDescription",
Email = "email",
Phone = "412312",
Name = "name"
};
var accessToken = TestContainerBuilder.BuildToken(
container,
userUpdate.Id,
TokenClaims.CLAIM_PERMISSIONS_EDIT_USERS);
var accountMock = Mock.Get(container.Resolve <IAccountRepository>());
accountMock.Setup(a => a.FindByUserId(userUpdate.Id)).ReturnsAsync(
new Account
{
Id = userUpdate.Id,
Email = userUpdate.Email,
Phone = decimal.Parse(userUpdate.Phone),
Name = userUpdate.Name,
Description = userUpdate.Description,
});
var response = await browser.Post(UsersModule.PostUserUrl.Replace("{id}", userUpdate.Id.ToString()), with =>
{
with.Accept(format);
with.Header("Authorization", $"Bearer {accessToken}");
with.DataFormatBody(format, userUpdate);
});
accountMock.Verify(ar => ar.FindByUserId(userUpdate.Id), Times.Once);
accountMock.Verify(ar => ar.Update(
It.Is <Account>(a => a.Id == userUpdate.Id &&
a.Description == userUpdate.Description &&
a.Email == userUpdate.Email &&
a.Name == userUpdate.Name &&
a.Phone.ToString() == userUpdate.Phone)),
Times.Once);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
var result = response.Body.AsDataFormat <UserProfile>(format);
Assert.Equal(userUpdate.Id, result.Id);
Assert.Equal(userUpdate.Description, result.Description);
Assert.Equal(userUpdate.Email, result.Email);
Assert.Equal(userUpdate.Phone, result.Phone);
Assert.Equal(userUpdate.Name, result.Name);
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IContainer container)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseOwin(x => x.UseNancy(opt =>
{
var bootstrapper = new Domain0Bootstrapper(container);
opt.Bootstrapper = bootstrapper;
}));
}
public async Task GetProfileByUserId_NotFound(DataFormat format)
{
var container = TestContainerBuilder.GetContainer(builder =>
builder.RegisterType <SymmetricKeyTokenGenerator>().As <ITokenGenerator>().SingleInstance());
var bootstrapper = new Domain0Bootstrapper(container);
var browser = new Browser(bootstrapper);
var userId = 1;
var accessToken = TestContainerBuilder.BuildToken(container, userId, TokenClaims.CLAIM_PERMISSIONS_VIEW_USERS);
var accountMock = Mock.Get(container.Resolve <IAccountRepository>());
accountMock.Setup(a => a.FindByUserId(userId)).ReturnsAsync((Account)null);
var response = await browser.Get(UsersModule.GetUserByIdUrl.Replace("{id}", userId.ToString()), with =>
{
with.Accept(format);
with.Header("Authorization", $"Bearer {accessToken}");
});
Assert.Equal(HttpStatusCode.NotFound, response.StatusCode);
}
public void Configure(
IApplicationBuilder app,
IWebHostEnvironment env,
IConfiguration config)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseSwaggerUI(c =>
{
c.SwaggerEndpoint("/swagger.json", "Api");
c.RoutePrefix = "swagger-ui";
});
app.UseOwin(x => x.UseNancy(opt =>
{
var container = CreateContainer(config);
var bootstrapper = new Domain0Bootstrapper(container);
opt.Bootstrapper = bootstrapper;
}));
}
public async Task Login_Success(DataFormat format)
{
var container = TestContainerBuilder.GetContainer(builder =>
{
builder
.RegisterInstance(new Mock <ITokenGenerator>().Object)
.Keyed <ITokenGenerator>("HS256");
});
var bootstrapper = new Domain0Bootstrapper(container);
var browser = new Browser(bootstrapper);
var user = "******";
var password = "******";
var email = "*****@*****.**";
var accountMock = Mock.Get(container.Resolve <IAccountRepository>());
accountMock.Setup(a => a.FindByLogin(email)).ReturnsAsync(new Account {
Id = 1, Login = email, Email = email, Password = password
});
var ldapMock = Mock.Get(container.Resolve <ILdapClient>());
ldapMock.Setup(c => c.Authorize(user, password))
.Returns(Task.FromResult(new LdapUser {
Email = email
}));
var permissionMock = Mock.Get(container.Resolve <IPermissionRepository>());
permissionMock.Setup(a => a.GetByUserId(It.IsAny <int>())).ReturnsAsync(new[]
{
new Repository.Model.Permission {
Name = "test1"
},
new Repository.Model.Permission {
Name = "test2"
},
});
var tokenMock = Mock.Get(container.Resolve <ITokenRegistrationRepository>());
var authGenerator = Mock.Get(container.Resolve <IPasswordGenerator>());
authGenerator.Setup(a => a.CheckPassword(It.IsAny <string>(), It.IsAny <string>())).Returns <string, string>((pasd, hash) => pasd == hash);
var tokenGenerator = Mock.Get(container.ResolveKeyed <ITokenGenerator>("HS256"));
tokenGenerator.Setup(a => a.GenerateAccessToken(
It.IsAny <int>(), It.IsAny <DateTime>(), It.IsAny <string[]>()))
.Returns <int, DateTime, string[]>((userId, dt, perms) => userId + string.Join("", perms));
tokenGenerator.Setup(a => a.GenerateRefreshToken(
It.IsAny <int>(), It.IsAny <DateTime>(), It.IsAny <int>()))
.Returns <int, DateTime, int>((tid, dt, userId) => $"{tid}_{userId}");
var response = await browser.Post(LdapModule.LoginByDomainUserUrl, with =>
{
with.Accept(format);
with.DataFormatBody(format, new ActiveDirectoryUserLoginRequest {
UserName = user, Password = password
});
});
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
tokenMock.Verify(t => t.Save(It.IsAny <TokenRegistration>()), Times.Once);
accountMock.Verify(t => t.FindByLogin(email));
ldapMock.Verify(l => l.Authorize(user, password));
var result = response.Body.AsDataFormat <AccessTokenResponse>(format);
Assert.Equal(1, result.Profile.Id);
Assert.Equal(email, result.Profile.Email);
Assert.Equal("1test1test2", result.AccessToken);
Assert.Equal("0_1", result.RefreshToken);
}
public async Task Registration_With_Environment_Success(DataFormat format)
{
var container = TestContainerBuilder.GetContainer();
var bootstrapper = new Domain0Bootstrapper(container);
var browser = new Browser(bootstrapper);
var email = "*****@*****.**";
var envToken = "EnvironmentToken";
var accountRepository = container.Resolve <IAccountRepository>();
var accountMock = Mock.Get(accountRepository);
accountMock.Setup(a => a.FindByLogin(email)).ReturnsAsync((Account)null);
var permissionRepository = container.Resolve <IPermissionRepository>();
var permissionRepositoryMock = Mock.Get(permissionRepository);
permissionRepositoryMock
.Setup(p => p.GetByUserId(It.IsAny <int>()))
.ReturnsAsync(new[] { new Repository.Model.Permission() });
var messageTemplateRepository = container.Resolve <IMessageTemplateRepository>();
var messageTemplate = Mock.Get(messageTemplateRepository);
messageTemplate
.Setup(r => r.GetTemplate(
It.IsAny <MessageTemplateName>(),
It.IsAny <CultureInfo>(),
It.IsAny <MessageTemplateType>(),
It.IsAny <int>()))
.Returns <MessageTemplateName, CultureInfo, MessageTemplateType, int>((n, l, t, e) =>
{
if (n == MessageTemplateName.RegisterTemplate)
{
return(Task.FromResult("Your password is: {0} will valid for {1} min"));
}
if (n == MessageTemplateName.RegisterSubjectTemplate)
{
return(Task.FromResult("subject"));
}
if (n == MessageTemplateName.WelcomeSubjectTemplate)
{
return(Task.FromResult("subject"));
}
if (n == MessageTemplateName.WelcomeTemplate)
{
return(Task.FromResult("Hello {0}!"));
}
throw new NotImplementedException();
});
var passwordGenerator = container.Resolve <IPasswordGenerator>();
var passwordMock = Mock.Get(passwordGenerator);
passwordMock.Setup(p => p.GeneratePassword()).Returns("password");
var emailRequestMock = Mock.Get(container.Resolve <IEmailRequestRepository>());
var environmentRepositoryMock = Mock.Get(container.Resolve <IEnvironmentRepository>());
var env = new Repository.Model.Environment
{
Name = "test envToken",
Id = 765,
Token = envToken
};
environmentRepositoryMock
.Setup(callTo => callTo.GetByToken(It.Is <string>(s => s.Equals(envToken))))
.ReturnsAsync(env);
environmentRepositoryMock
.Setup(callTo => callTo.FindById(It.Is <int>(id => id == env.Id)))
.ReturnsAsync(env);
var registerResponse = await browser.Put(
EmailModule.RegisterByEmailWithEnvironmentUrl.Replace("{EnvironmentToken}", envToken),
with =>
{
with.Accept(format);
with.DataFormatBody(format, new RegisterRequest
{
Email = email
});
});
Assert.Equal(HttpStatusCode.NoContent, registerResponse.StatusCode);
environmentRepositoryMock
.Verify(callTo =>
callTo.GetByToken(It.Is <string>(t => t.Equals(envToken))),
Times.Once);
emailRequestMock.Verify(a => a.Save(It.Is <EmailRequest>(r => r.EnvironmentId == env.Id)), Times.Once());
emailRequestMock
.Setup(x => x.ConfirmRegister(It.IsAny <string>(), It.IsAny <string>()))
.ReturnsAsync(new EmailRequest
{
EnvironmentId = env.Id
});
var smsClient = container.Resolve <IEmailClient>();
var emailMock = Mock.Get(smsClient);
emailMock.Verify(s => s.Send("subject", email, "Your password is: password will valid for 120 min"));
var firstLoginResponse = await browser.Post(EmailModule.LoginByEmailUrl,
with =>
{
with.Accept(format);
with.DataFormatBody(format,
new EmailLoginRequest {
Email = email, Password = "******"
});
});
Assert.Equal(HttpStatusCode.OK, firstLoginResponse.StatusCode);
environmentRepositoryMock
.Verify(
callTo => callTo.SetUserEnvironment(It.IsAny <int>(), env.Id.Value),
Times.Once);
accountMock.Verify(x => x.Insert(It.IsAny <Account>()), Times.Once);
}
public async Task ForceCreateUser_SendEmail_StandardTemplate(DataFormat format)
{
var container = TestContainerBuilder.GetContainer(builder =>
builder.RegisterType <SymmetricKeyTokenGenerator>().As <ITokenGenerator>().SingleInstance());
var bootstrapper = new Domain0Bootstrapper(container);
var browser = new Browser(bootstrapper);
var userId = 1;
var email = "email";
var roles = new List <string> {
"role1", "role2"
};
var accessToken = TestContainerBuilder.BuildToken(container, userId, TokenClaims.CLAIM_PERMISSIONS_FORCE_CREATE_USER);
var accountRepository = container.Resolve <IAccountRepository>();
var accountMock = Mock.Get(accountRepository);
var registers = new Dictionary <string, Account>();
accountMock
.Setup(a => a.Insert(It.IsAny <Account>()))
.Callback <Account>(a => registers[a.Email] = a)
.Returns(Task.FromResult(1));
accountMock
.Setup(a => a.FindByLogin(email))
.Returns <string>(p =>
Task.FromResult(registers.TryGetValue(p, out var acc)
? acc
: null));
var roleRepository = container.Resolve <IRoleRepository>();
var roleMock = Mock.Get(roleRepository);
roleMock.Setup(r => r.GetByRoleNames(It.IsAny <string[]>())).ReturnsAsync(roles.Select(role => new Repository.Model.Role {
Name = role
}).ToArray());
var passwordGenerator = container.Resolve <IPasswordGenerator>();
var passwordMock = Mock.Get(passwordGenerator);
passwordMock.Setup(p => p.GeneratePassword()).Returns("password");
var messageTemplateRepository = container.Resolve <IMessageTemplateRepository>();
var messageTemplate = Mock.Get(messageTemplateRepository);
messageTemplate.Setup(r =>
r.GetTemplate(
MessageTemplateName.WelcomeTemplate,
It.IsAny <CultureInfo>(),
It.IsAny <MessageTemplateType>(),
It.IsAny <int>()))
.ReturnsAsync("hello {1} {0}!");
messageTemplate.Setup(r =>
r.GetTemplate(
MessageTemplateName.WelcomeSubjectTemplate,
It.IsAny <CultureInfo>(),
It.IsAny <MessageTemplateType>(),
It.IsAny <int>()))
.ReturnsAsync("Subject!");
var response = await browser.Put(
EmailModule.ForceCreateUserUrl,
with =>
{
with.Accept(format);
with.Header("Authorization", $"Bearer {accessToken}");
with.DataFormatBody(
format,
new ForceCreateEmailUserRequest
{
BlockEmailSend = false,
Email = email,
Name = "test",
Roles = roles,
});
});
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
var emailClient = container.Resolve <IEmailClient>();
var emailMock = Mock.Get(emailClient);
emailMock.Verify(s => s.Send("Subject!", email, "hello password " + email + "!"));
var environmentRepositoryMock = Mock.Get(container.Resolve <IEnvironmentRepository>());
environmentRepositoryMock
.Verify(
callTo => callTo.SetUserEnvironment(It.IsAny <int>(), 123),
Times.Once);
}
public async Task RequestChangeEmail_Success(DataFormat format)
{
var container = TestContainerBuilder.GetContainer(builder =>
builder.RegisterType <SymmetricKeyTokenGenerator>().As <ITokenGenerator>().SingleInstance());
var bootstrapper = new Domain0Bootstrapper(container);
var browser = new Browser(bootstrapper);
var accountId = 321;
var userId = 1;
var email = "email";
var newEmail = "newEmail";
var password = "******";
var pin = "333";
var accessToken = TestContainerBuilder.BuildToken(container, userId, TokenClaims.CLAIM_PERMISSIONS_BASIC);
var account = new Account {
Id = accountId, Login = email, Email = email, Password = password
};
var accountMock = Mock.Get(container.Resolve <IAccountRepository>());
accountMock.Setup(a => a.FindByUserId(userId)).ReturnsAsync(account);
var emailRequestRepository = Mock.Get(container.Resolve <IEmailRequestRepository>());
emailRequestRepository
.Setup(sr => sr.PickByUserId(
It.Is <int>(x => x == userId)))
.ReturnsAsync(new EmailRequest
{
Email = newEmail,
UserId = userId,
Password = pin
});
var authGenerator = Mock.Get(container.Resolve <IPasswordGenerator>());
authGenerator.Setup(a =>
a.CheckPassword(It.IsAny <string>(), It.IsAny <string>())).Returns <string, string>((pasd, hash) => pasd == hash);
authGenerator.Setup(a => a.GeneratePassword())
.Returns(pin);
var messageTemplate = Mock.Get(container.Resolve <IMessageTemplateRepository>());
messageTemplate
.Setup(r => r.GetTemplate(
It.IsAny <MessageTemplateName>(),
It.IsAny <CultureInfo>(),
It.IsAny <MessageTemplateType>(),
It.IsAny <int>()))
.Returns <MessageTemplateName, CultureInfo, MessageTemplateType, int>((n, l, t, e) =>
{
if (n == MessageTemplateName.RequestEmailChangeTemplate)
{
return(Task.FromResult("Your password is: {0} will valid for {1} min"));
}
if (n == MessageTemplateName.RequestEmailChangeSubjectTemplate)
{
return(Task.FromResult("Subject"));
}
throw new NotImplementedException();
});
var emailClient = Mock.Get(container.Resolve <IEmailClient>());
var responseToChangeRequest = await browser.Post(
EmailModule.RequestChangeEmailUrl,
with =>
{
with.Accept(format);
with.Header("Authorization", $"Bearer {accessToken}");
with.DataFormatBody(format,
new ChangeEmailUserRequest
{
Password = password,
Email = newEmail
});
});
Assert.Equal(HttpStatusCode.NoContent, responseToChangeRequest.StatusCode);
authGenerator.Verify(ag =>
ag.CheckPassword(
It.Is <string>(x => x == password),
It.Is <string>(x => x == password)),
Times.Once);
emailRequestRepository.Verify(
srr => srr.Save(
It.Is <EmailRequest>(r =>
r.UserId == userId &&
r.Email == newEmail &&
r.Password == pin)),
Times.Once);
messageTemplate.Verify(mtr =>
mtr.GetTemplate(
It.Is <MessageTemplateName>(mt => mt == MessageTemplateName.RequestEmailChangeTemplate),
It.IsAny <CultureInfo>(),
It.Is <MessageTemplateType>(mtt => mtt == MessageTemplateType.email),
It.IsAny <int>()),
Times.Once);
emailClient.Verify(sc =>
sc.Send(
It.IsAny <string>(),
It.Is <string>(x => x == newEmail),
It.IsAny <string>()),
Times.Once);
var responseToCommitRequest = await browser.Post(
EmailModule.CommitChangeEmailUrl,
with =>
{
with.Accept(format);
with.Header("Authorization", $"Bearer {accessToken}");
with.Query("code", pin);
});
Assert.Equal(HttpStatusCode.NoContent, responseToCommitRequest.StatusCode);
accountMock.Verify(ar =>
ar.Update(
It.Is <Account>(a =>
a.Id == accountId &&
a.Login == newEmail &&
a.Email == newEmail)),
Times.Once);
}
public async Task ForceResetPassword_Success(DataFormat format)
{
var container = TestContainerBuilder.GetContainer(builder =>
builder.RegisterType <SymmetricKeyTokenGenerator>().As <ITokenGenerator>().SingleInstance());
var bootstrapper = new Domain0Bootstrapper(container);
var browser = new Browser(bootstrapper);
var userId = 1;
var email = "email";
var password = "******";
var accessToken = TestContainerBuilder.BuildToken(container, userId, TokenClaims.CLAIM_PERMISSIONS_FORCE_PASSWORD_RESET);
var tokenRegistrationRepository = container.Resolve <ITokenRegistrationRepository>();
var tokenRegistrationMock = Mock.Get(tokenRegistrationRepository);
var accountRepository = container.Resolve <IAccountRepository>();
var accountMock = Mock.Get(accountRepository);
accountMock
.Setup(a => a.FindByLogin(email))
.ReturnsAsync(new Account
{
Id = userId,
Email = email,
Login = email,
Password = password
});
var passwordGenerator = container.Resolve <IPasswordGenerator>();
var passwordMock = Mock.Get(passwordGenerator);
passwordMock.Setup(p => p.GeneratePassword()).Returns(password);
passwordMock.Setup(a => a.HashPassword(It.IsAny <string>())).Returns <string>(p => p);
var messageTemplateRepository = container.Resolve <IMessageTemplateRepository>();
var messageTemplate = Mock.Get(messageTemplateRepository);
messageTemplate.Setup(r =>
r.GetTemplate(
MessageTemplateName.ForcePasswordResetTemplate,
It.IsAny <CultureInfo>(),
It.IsAny <MessageTemplateType>(),
It.IsAny <int>())
)
.ReturnsAsync("hello, your new password is {0}!");
messageTemplate.Setup(r =>
r.GetTemplate(
MessageTemplateName.ForcePasswordResetSubjectTemplate,
It.IsAny <CultureInfo>(),
It.IsAny <MessageTemplateType>(),
It.IsAny <int>()))
.ReturnsAsync("subject");
var response = await browser.Post(
UsersModule.ForceResetUserPasswordUrl,
with =>
{
with.Accept(format);
with.Header("Authorization", $"Bearer {accessToken}");
with.DataFormatBody(
format,
new ForceResetPasswordRequest
{
Email = email
});
});
Assert.Equal(HttpStatusCode.NoContent, response.StatusCode);
accountMock.Verify(am => am.FindByLogin(email));
accountMock.Verify(am => am.Update(
It.Is <Account>(a => a.Password == password)));
messageTemplate.Verify(mt => mt.GetTemplate(
MessageTemplateName.ForcePasswordResetTemplate,
It.IsAny <CultureInfo>(),
MessageTemplateType.email,
It.IsAny <int>()));
messageTemplate.Verify(mt => mt.GetTemplate(
MessageTemplateName.ForcePasswordResetSubjectTemplate,
It.IsAny <CultureInfo>(),
MessageTemplateType.email,
It.IsAny <int>()));
var emaClient = container.Resolve <IEmailClient>();
var smsMock = Mock.Get(emaClient);
smsMock.Verify(s =>
s.Send("subject", email, "hello, your new password is password!"));
tokenRegistrationMock.Verify(x => x.RevokeByUserId(userId), Times.Once);
}
