public async Task Evaluate_CompliantPackage_AddsRequiredCoOwner() { // Arrange var subscription = new MicrosoftTeamSubscription(); var policyHandler = new RequirePackageMetadataCompliancePolicy(); var nugetUser = new User("NuGet"); var newPackageRegistration = new PackageRegistration { Id = "NewPackageId", Owners = new List <User> { nugetUser } }; var newMicrosoftCompliantPackage = Fakes.CreateCompliantPackage("1.0", newPackageRegistration); var packageOwnershipManagementService = new Mock <IPackageOwnershipManagementService>(); packageOwnershipManagementService.Setup(m => m.AddPackageOwnerAsync(newPackageRegistration, It.IsAny <User>(), false)).Returns(Task.CompletedTask); var context = CreateTestContext( true, subscription.Policies, newMicrosoftCompliantPackage, packageRegistrationAlreadyExists: false, packageOwnershipManagementService: packageOwnershipManagementService.Object, sourceAccount: nugetUser, targetAccount: nugetUser); // Act var result = await policyHandler.EvaluateAsync(context); // Assert Assert.True(result.Success); packageOwnershipManagementService.Verify(s => s.AddPackageOwnerAsync(newPackageRegistration, Fakes.RequiredCoOwner, false), Times.Once); }
public async Task Evaluate_NonCompliantPackage_CreatesErrorResult(Package nonCompliantPackage) { // Arrange var subscription = new MicrosoftTeamSubscription(); var policyHandler = new RequirePackageMetadataCompliancePolicy(); var nugetUser = new User("NuGet"); var newPackageRegistration = new PackageRegistration { Id = "NewPackageId", Owners = new List <User> { nugetUser } }; var context = CreateTestContext( true, subscription.Policies, nonCompliantPackage, packageRegistrationAlreadyExists: false, sourceAccount: nugetUser, targetAccount: nugetUser); // Act var result = await policyHandler.EvaluateAsync(context); // Assert Assert.False(result.Success); Assert.Null(newPackageRegistration.Owners.SingleOrDefault(u => u.Username == MicrosoftTeamSubscription.MicrosoftUsername)); Assert.False(newPackageRegistration.IsVerified); }
public void Evaluate_ThrowsForNullArgument() { // Arrange var policyHandler = new RequirePackageMetadataCompliancePolicy(); // Act // Assert Assert.ThrowsAsync <ArgumentNullException>(() => policyHandler.EvaluateAsync(null)); }
public void Constructor_DefaultsToPackagePushSecurityPolicyAction() { // Arrange // Act var policyHandler = new RequirePackageMetadataCompliancePolicy(); // Assert Assert.Equal(SecurityPolicyAction.PackagePush, policyHandler.Action); }
private static List <UserSecurityPolicy> InitializePoliciesList() { return(new List <UserSecurityPolicy>() { RequirePackageMetadataCompliancePolicy.CreatePolicy( Name, MicrosoftUsername, allowedCopyrightNotices: AllowedCopyrightNotices, isLicenseUrlRequired: true, isProjectUrlRequired: true, errorMessageFormat: Strings.SecurityPolicy_RequireMicrosoftPackageMetadataComplianceForPush) }); }
public async Task Evaluate_SilentlySucceedsWhenRequiredCoOwnerDoesNotExist() { // Arrange var subscription = new MicrosoftTeamSubscription(); var policyHandler = new RequirePackageMetadataCompliancePolicy(); var fakes = new Fakes(); var context = CreateTestContext(false, subscription.Policies, fakes.NewPackageVersion, packageRegistrationAlreadyExists: false); // Act var result = await policyHandler.EvaluateAsync(context); // Assert Assert.Equal(SecurityPolicyResult.SuccessResult, result); }
public async Task Evaluate_DoesNotCommitChangesToEntityContext() { // Arrange var subscription = new MicrosoftTeamSubscription(); var policyHandler = new RequirePackageMetadataCompliancePolicy(); var nugetUser = new User("NuGet"); var newPackageRegistration = new PackageRegistration { Id = "NewPackageId", Owners = new List <User> { nugetUser } }; var newMicrosoftCompliantPackage = Fakes.CreateCompliantPackage("1.0", newPackageRegistration); var packageOwnershipManagementService = new Mock <IPackageOwnershipManagementService>(MockBehavior.Strict); packageOwnershipManagementService .Setup(m => m.AddPackageOwnerAsync(newPackageRegistration, It.IsAny <User>(), false /* commitChanges: false */)) .Returns(Task.CompletedTask) .Verifiable(); var userService = new Mock <IUserService>(MockBehavior.Strict); userService .Setup(m => m.FindByUsername(MicrosoftTeamSubscription.MicrosoftUsername, It.IsAny <bool>())) .Returns(Fakes.RequiredCoOwner) .Verifiable(); var telemetryService = new Mock <ITelemetryService>().Object; var context = new PackageSecurityPolicyEvaluationContext( userService.Object, packageOwnershipManagementService.Object, telemetryService, subscription.Policies, newMicrosoftCompliantPackage, sourceAccount: nugetUser, targetAccount: nugetUser, httpContext: It.IsAny <HttpContextBase>()); // Act var result = await policyHandler.EvaluateAsync(context); // Assert packageOwnershipManagementService.VerifyAll(); userService.VerifyAll(); }
public async Task Evaluate_CompliantPackageAuthors_CreatesSuccessResult() { // Arrange var nugetUser = new User("NuGet"); var newPackageRegistration = new PackageRegistration { Id = "NewPackageId", Owners = new List <User> { nugetUser } }; var packageAuthors = new[] { MicrosoftTeamSubscription.MicrosoftUsername, "The Most-Awesome Package Authors" }; var compliantPackage = Fakes.CreateCompliantPackage("1.0.0", newPackageRegistration, packageAuthors); var policy = RequirePackageMetadataCompliancePolicy.CreatePolicy( MicrosoftTeamSubscription.Name, MicrosoftTeamSubscription.MicrosoftUsername, allowedCopyrightNotices: MicrosoftTeamSubscription.AllowedCopyrightNotices, allowedAuthors: packageAuthors, isLicenseUrlRequired: true, isProjectUrlRequired: true, errorMessageFormat: Strings.SecurityPolicy_RequireMicrosoftPackageMetadataComplianceForPush); var policyHandler = new RequirePackageMetadataCompliancePolicy(); var packageOwnershipManagementService = new Mock <IPackageOwnershipManagementService>(); packageOwnershipManagementService.Setup(m => m.AddPackageOwnerAsync(newPackageRegistration, It.IsAny <User>(), false)).Returns(Task.CompletedTask); var context = CreateTestContext( true, new[] { policy }, compliantPackage, packageRegistrationAlreadyExists: false, sourceAccount: nugetUser, targetAccount: nugetUser, packageOwnershipManagementService: packageOwnershipManagementService.Object); // Act var result = await policyHandler.EvaluateAsync(context); // Assert Assert.True(result.Success); packageOwnershipManagementService.Verify(s => s.AddPackageOwnerAsync(newPackageRegistration, Fakes.RequiredCoOwner, false), Times.Once); }
public async Task Evaluate_CompliantPackage_CreatesWarningResultWhenPrefixReservationForNewIdIsMissing() { // Arrange var subscription = new MicrosoftTeamSubscription(); var policyHandler = new RequirePackageMetadataCompliancePolicy(); var nugetUser = new User("NuGet"); var newPackageRegistration = new PackageRegistration { Id = "NewPackageId", Owners = new List <User> { nugetUser } }; var newMicrosoftCompliantPackage = Fakes.CreateCompliantPackage("1.0", newPackageRegistration); var packageOwnershipManagementService = new Mock <IPackageOwnershipManagementService>(); packageOwnershipManagementService.Setup(m => m.AddPackageOwnerAsync(newPackageRegistration, It.IsAny <User>(), false)).Returns(Task.CompletedTask); var context = CreateTestContext( true, subscription.Policies, newMicrosoftCompliantPackage, packageRegistrationAlreadyExists: false, packageOwnershipManagementService: packageOwnershipManagementService.Object, sourceAccount: nugetUser, targetAccount: nugetUser); // Act var result = await policyHandler.EvaluateAsync(context); // Assert Assert.True(result.Success); Assert.Null(result.ErrorMessage); Assert.True(result.HasWarnings); Assert.NotEmpty(result.WarningMessages); Assert.Contains(Strings.SecurityPolicy_RequirePackagePrefixReserved, result.WarningMessages); Assert.False(newPackageRegistration.IsVerified); packageOwnershipManagementService.Verify(s => s.AddPackageOwnerAsync(newPackageRegistration, Fakes.RequiredCoOwner, false), Times.Once); }
public async Task Evaluate_DuplicatePackageAuthor_CreatesErrorResult() { // Arrange var nugetUser = new User("NuGet"); var newPackageRegistration = new PackageRegistration { Id = "NewPackageId", Owners = new List <User> { nugetUser } }; var packageAuthors = new[] { MicrosoftTeamSubscription.MicrosoftUsername, MicrosoftTeamSubscription.MicrosoftUsername }; var nonCompliantPackage = Fakes.CreateCompliantPackage("1.0.0", newPackageRegistration, packageAuthors); var policy = RequirePackageMetadataCompliancePolicy.CreatePolicy( MicrosoftTeamSubscription.Name, MicrosoftTeamSubscription.MicrosoftUsername, allowedCopyrightNotices: MicrosoftTeamSubscription.AllowedCopyrightNotices, allowedAuthors: new[] { MicrosoftTeamSubscription.MicrosoftUsername }, isLicenseUrlRequired: true, isProjectUrlRequired: true, errorMessageFormat: Strings.SecurityPolicy_RequireMicrosoftPackageMetadataComplianceForPush); var policyHandler = new RequirePackageMetadataCompliancePolicy(); var context = CreateTestContext( true, new[] { policy }, nonCompliantPackage, packageRegistrationAlreadyExists: false, sourceAccount: nugetUser, targetAccount: nugetUser); // Act var result = await policyHandler.EvaluateAsync(context); // Assert Assert.False(result.Success); Assert.Null(newPackageRegistration.Owners.SingleOrDefault(u => u.Username == MicrosoftTeamSubscription.MicrosoftUsername)); Assert.False(newPackageRegistration.IsVerified); }