public void PostForm_LoginRedirectPageId() { string loginFormPageUrl = UrlPath.ResolveAbsoluteUrl("~/" + this.urlNamePrefix + this.pageIndex); this.pageOperations = new PagesOperations(); var userId = ClaimsManager.GetCurrentUserId(); var user = UserManager.GetManager().GetUser(userId); try { ////Create simple page with a content block to redirect on it var mvcProxyContentBlock = new MvcControllerProxy(); mvcProxyContentBlock.ControllerName = typeof(ContentBlockController).FullName; var contentBlockController = new ContentBlockController(); contentBlockController.Content = this.searchValueFirst; mvcProxyContentBlock.Settings = new ControllerSettings(contentBlockController); Guid contentBlockPageID = this.pageOperations.CreatePageWithControl( mvcProxyContentBlock, this.pageNamePrefixContentBlockPage, this.pageTitlePrefixContentBlockPage, this.urlNamePrefixContentBlockPage, this.pageIndexContentBlockFirstPage); ////Create page with login form and set LoginRedirectPageId to the newly created page above var mvcProxy = new MvcControllerProxy(); mvcProxy.ControllerName = typeof(LoginFormController).FullName; var loginFormController = new LoginFormController(); loginFormController.Model.LoginRedirectPageId = contentBlockPageID; mvcProxy.Settings = new ControllerSettings(loginFormController); this.pageOperations.CreatePageWithControl(mvcProxy, this.pageNamePrefix, this.pageTitlePrefix, this.urlNamePrefix, this.pageIndex); SecurityManager.Logout(); ////create new user to Authenticate against newly created login form SitefinityTestUtilities.ServerOperations.Users().CreateUser(this.userName, this.password, "*****@*****.**", "test", "test", true, "AuthenticateUser", "IdentityHasClaimTypes", SecurityConstants.AppRoles.FrontendUsers); string postString = "UserName="******"&Password="******"The request was not redirected to the proper page set in LoginRedirectPageId!"); } finally { using (new AuthenticateUserRegion(user)) { this.pageOperations.DeletePages(); } SecurityManager.Logout(); SitefinityTestUtilities.ServerOperations.Users().DeleteUsers(new[] { this.userName }); } }
public void PostForm_LogOnLogOff() { string loginFormPageUrl = UrlPath.ResolveAbsoluteUrl("~/" + this.urlNamePrefix + this.pageIndex); this.pageOperations = new PagesOperations(); var userId = ClaimsManager.GetCurrentUserId(); var user = UserManager.GetManager().GetUser(userId); try { ////Create page with login form and set LoginRedirectPageId to the newly created page above var mvcProxy = new MvcControllerProxy(); mvcProxy.ControllerName = typeof(LoginFormController).FullName; var loginFormController = new LoginFormController(); mvcProxy.Settings = new ControllerSettings(loginFormController); this.pageOperations.CreatePageWithControl(mvcProxy, this.pageNamePrefix, this.pageTitlePrefix, this.urlNamePrefix, this.pageIndex); SecurityManager.Logout(); ////create new user to Authenticate against newly created login form SitefinityTestUtilities.ServerOperations.Users().CreateUser(this.userName, this.password, "*****@*****.**", "test", "test", true, "AuthenticateUser", "IdentityHasClaimTypes", SecurityConstants.AppRoles.FrontendUsers); string postString = "UserName="******"&Password="******"You are already logged in"), "The user was not logged in properly on the login form!"); string logOutUrl = "http://localhost/Sitefinity/SignOut?sts_signout=true&redirect_uri=http://localhost/" + this.urlNamePrefix + this.pageIndex; responseContent = PageInvoker.ExecuteWebRequest(logOutUrl, false); Assert.IsFalse(responseContent.Contains("You are already logged in"), "User was not logget out!"); } } finally { using (new AuthenticateUserRegion(user)) { this.pageOperations.DeletePages(); } SecurityManager.Logout(); SitefinityTestUtilities.ServerOperations.Users().DeleteUsers(new[] { this.userName }); } }
public void SubscribeForm_CheckForParamInjections() { this.pageOperations = new PagesOperations(); this.newslettersManager = NewslettersManager.GetManager(); Guid mailingListId = Guid.NewGuid(); var subscribers = this.newslettersManager.GetSubscribers().Where(s => s.Email == this.testEmail).ToList(); bool deleteSubsciber = (subscribers.Count > 0) ? false : true; try { ////Create a new mailing list string mailingListName = this.mailingListBaseName + this.mailingListIndex; SitefinityTestUtilities.ServerOperations.NewsLetter().CreateMailingList(mailingListId, mailingListName, string.Empty, string.Empty, string.Empty); ////Check if the mailing list was created successfully MailingList mailingList = this.newslettersManager.GetMailingLists().Where(l => l.Id == mailingListId).SingleOrDefault(); Assert.IsNotNull(mailingList, "New mailing list was not created successfully!"); ////Create simple page with a SubscribeForm widget that has SelectedMailingListId with the newly created mailing list var mvcControllerProxy = new MvcControllerProxy(); mvcControllerProxy.ControllerName = typeof(SubscribeFormController).FullName; var subscribeFormController = new SubscribeFormController(); subscribeFormController.Model.SelectedMailingListId = mailingListId; subscribeFormController.Model.SuccessfullySubmittedForm = SuccessfullySubmittedForm.OpenSpecificPage; mvcControllerProxy.Settings = new ControllerSettings(subscribeFormController); this.pageOperations.CreatePageWithControl( mvcControllerProxy, this.pageNamePrefix, this.pageTitlePrefix, this.urlNamePrefix, this.pageIndex); ////Create simple page with a content block to redirect on it mvcControllerProxy.ControllerName = typeof(ContentBlockController).FullName; var contentBlockController = new ContentBlockController(); contentBlockController.Content = this.searchValueText; mvcControllerProxy.Settings = new ControllerSettings(contentBlockController); this.pageOperations.CreatePageWithControl( mvcControllerProxy, this.pageNamePrefixContentBlockPage, this.pageTitlePrefixContentBlockPage, this.urlNamePrefixContentBlockPage, this.pageIndexContentBlockPage); string subscribeFormPageUrl = UrlPath.ResolveAbsoluteUrl("~/" + this.urlNamePrefix + this.pageIndex); string redirectUrl = UrlPath.ResolveAbsoluteUrl("~/" + this.urlNamePrefixContentBlockPage + this.pageIndexContentBlockPage); string postString = "Email=" + this.testEmail; ////Make an initial request to register the subscriber var responseContent = PageInvoker.PostWebRequest(subscribeFormPageUrl, postString, false); Assert.IsTrue(responseContent.Contains(this.subscribeValueText), "User was not successfully subscribed!"); ////Make a secondary request to inject the RedirectPageUrl value postString += "&RedirectPageUrl=" + redirectUrl; responseContent = PageInvoker.PostWebRequest(subscribeFormPageUrl, postString, false); Assert.IsFalse(responseContent.Contains(this.searchValueText), "RedirectPageUrl parameter was injected into the model!"); } finally { ////Delete created pages this.pageOperations.DeletePages(); ////Delete the created subsciber if he was created by the test if (deleteSubsciber) { Subscriber subscriber = this.newslettersManager.GetSubscribers().Where(s => s.Email == this.testEmail).FirstOrDefault(); if (subscriber != null) { this.newslettersManager.DeleteSubscriber(subscriber.Id); } } ////Delete created mailing list this.newslettersManager.DeleteMailingList(mailingListId); this.newslettersManager.SaveChanges(); } }
public void PostForm_LoginRedirectFromQueryString() { string loginFormPageUrl = UrlPath.ResolveAbsoluteUrl("~/" + this.urlNamePrefix + this.pageIndex); this.pageOperations = new PagesOperations(); var userId = ClaimsManager.GetCurrentUserId(); var user = UserManager.GetManager().GetUser(userId); try { var mvcProxyContentBlock = new MvcControllerProxy(); mvcProxyContentBlock.ControllerName = typeof(ContentBlockController).FullName; ////Create first simple page with a content block to redirect on it var contentBlockController = new ContentBlockController(); contentBlockController.Content = this.searchValueFirst; mvcProxyContentBlock.Settings = new ControllerSettings(contentBlockController); this.pageOperations.CreatePageWithControl( mvcProxyContentBlock, this.pageNamePrefixContentBlockPage, this.pageTitlePrefixContentBlockPage, this.urlNamePrefixContentBlockPage, this.pageIndexContentBlockFirstPage); ////Create second simple page with a content block to redirect on it var contentBlockControllerSecond = new ContentBlockController(); contentBlockControllerSecond.Content = this.searchValueSecond; mvcProxyContentBlock.Settings = new ControllerSettings(contentBlockControllerSecond); this.pageOperations.CreatePageWithControl( mvcProxyContentBlock, this.pageNamePrefixContentBlockPage, this.pageTitlePrefixContentBlockPage, this.urlNamePrefixContentBlockPage, this.pageIndexContentBlockSecondPage); ////Create page with login form var mvcProxy = new MvcControllerProxy(); mvcProxy.ControllerName = typeof(LoginFormController).FullName; var loginFormController = new LoginFormController(); mvcProxy.Settings = new ControllerSettings(loginFormController); this.pageOperations.CreatePageWithControl(mvcProxy, this.pageNamePrefix, this.pageTitlePrefix, this.urlNamePrefix, this.pageIndex); SecurityManager.Logout(); ////create new user to Authenticate against newly created login form SitefinityTestUtilities.ServerOperations.Users().CreateUser(this.userName, this.password, "*****@*****.**", "test", "test", true, "AuthenticateUser", "IdentityHasClaimTypes", SecurityConstants.AppRoles.FrontendUsers); ////There is few ways to redirect to another page ////First method is to combine realm param with redirect_uri param to get the full redirect url ////Example: ?realm=http://localhost:8086/&redirect_uri=/Sitefinity/Dashboard ////Second method is to use only realm or redirect_uri param to get the full redirect url ////Example: ?redirect_uri=http://localhost:8086/Sitefinity/Dashboard ////Third method is to get ReturnUrl param ////Example: ?ReturnUrl=http://localhost:8086/Sitefinity/Dashboard string postString = "UserName="******"&Password="******"?redirect_uri=" + this.urlNamePrefixContentBlockPage + this.pageIndexContentBlockFirstPage + "&realm=http://localhost/" + "&ReturnUrl=http://localhost/" + this.urlNamePrefixContentBlockPage + this.pageIndexContentBlockSecondPage; responseContent = PageInvoker.ExecuteWebRequest(testURL1, false); responseContent = PageInvoker.PostWebRequest(testURL1, postString, false); Assert.IsTrue(responseContent.Contains(this.searchValueFirst), "The request was not redirected to the proper page set in request url!"); } using (PageInvokerRegion region = new PageInvokerRegion()) { string testURL2 = loginFormPageUrl + "?realm=http://localhost/" + this.urlNamePrefixContentBlockPage + this.pageIndexContentBlockFirstPage; responseContent = PageInvoker.ExecuteWebRequest(testURL2, false); responseContent = PageInvoker.PostWebRequest(testURL2, postString, false); Assert.IsTrue(responseContent.Contains(this.searchValueFirst), "The request was not redirected to the proper page set in request url!"); } using (PageInvokerRegion region = new PageInvokerRegion()) { string testURL3 = loginFormPageUrl + "?redirect_uri=http://localhost/" + this.urlNamePrefixContentBlockPage + this.pageIndexContentBlockFirstPage; responseContent = PageInvoker.ExecuteWebRequest(testURL3, false); responseContent = PageInvoker.PostWebRequest(testURL3, postString, false); Assert.IsTrue(responseContent.Contains(this.searchValueFirst), "The request was not redirected to the proper page set in request url!"); } using (PageInvokerRegion region = new PageInvokerRegion()) { string testURL4 = loginFormPageUrl + "?ReturnUrl=http://localhost/" + this.urlNamePrefixContentBlockPage + this.pageIndexContentBlockSecondPage; responseContent = PageInvoker.ExecuteWebRequest(testURL4, false); responseContent = PageInvoker.PostWebRequest(testURL4, postString, false); Assert.IsTrue(responseContent.Contains(this.searchValueSecond), "The request was not redirected to the proper page set in request url!"); } } finally { using (new AuthenticateUserRegion(user)) { this.pageOperations.DeletePages(); } SecurityManager.Logout(); SitefinityTestUtilities.ServerOperations.Users().DeleteUsers(new[] { this.userName }); } }