public void Setup()
{
_container = new MocksAndStubsContainer();
_applicationSettings = _container.ApplicationSettings;
_applicationSettings.AttachmentsFolder = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "attachments");
_repository = _container.Repository;
_settingsService = _container.SettingsService;
_userService = _container.UserService;
_userContext = _container.UserContext;
_emailClientMock = _container.EmailClient;
_userService.AddUser(AdminEmail, AdminUsername, AdminPassword, true, true);
_userService.Users[0].IsActivated = true;
_userService.Users[0].Firstname = "Firstname";
_userService.Users[0].Lastname = "LastnameNotSurname";
_userController = new UserController(_applicationSettings, _userService, _userContext, _settingsService, null, null);
_mvcMockContainer = _userController.SetFakeControllerContext();
}
public void Signup_POST_Should_Set_ModelState_Error_From_SecurityException()
{
// Arrange
SiteSettings siteSettings = _settingsService.GetSiteSettings();
siteSettings.AllowUserSignup = true;
SignupEmailStub signupEmail = new SignupEmailStub(_applicationSettings, _repository, _emailClientMock); // change the signup email
UserController userController = new UserController(_applicationSettings, _userService, _userContext, _settingsService, signupEmail, null);
userController.SetFakeControllerContext();
_userService.ThrowSecurityExceptionOnSignup = true;
UserViewModel model = new UserViewModel();
// Act
ActionResult result = userController.Signup(model, null);
// Assert
ViewResult viewResult = result.AssertResultIs<ViewResult>();
Assert.That(viewResult.ViewName, Is.Not.EqualTo("Signup"));
Assert.That(userController.ModelState.Count, Is.EqualTo(1));
Assert.That(userController.ModelState["General"].Errors[0].ErrorMessage, Is.EqualTo("ThrowSecurityExceptionOnSignup"));
}
public void Signup_POST_Should_Send_Email()
{
// Arrange
_applicationSettings.UseWindowsAuthentication = false;
SiteSettings siteSettings = _settingsService.GetSiteSettings();
siteSettings.AllowUserSignup = true;
SignupEmailStub signupEmail = new SignupEmailStub(_applicationSettings, _repository, _emailClientMock);
UserController userController = new UserController(_applicationSettings, _userService, _userContext, _settingsService, signupEmail, null);
userController.SetFakeControllerContext();
UserViewModel model = new UserViewModel();
model.NewEmail = "blah@localhost";
model.Password = "******";
model.PasswordConfirmation = "password";
// Act
ActionResult result = userController.Signup(model, null);
// Assert
ViewResult viewResult = result.AssertResultIs<ViewResult>();
Assert.That(viewResult.ViewName, Is.EqualTo("SignupComplete"));
Assert.That(signupEmail.IsSent, Is.True);
Assert.That(signupEmail.ViewModel, Is.EqualTo(model));
}
public void Signup_POST_Should_Not_Send_Email_With_Invalid_ModelState()
{
// Arrange
_applicationSettings.UseWindowsAuthentication = false;
SiteSettings siteSettings = _settingsService.GetSiteSettings();
siteSettings.AllowUserSignup = true;
SignupEmailStub signupEmail = new SignupEmailStub(_applicationSettings, _repository, _emailClientMock);
UserController userController = new UserController(_applicationSettings, _userService, _userContext, _settingsService, signupEmail, null);
userController.SetFakeControllerContext();
userController.ModelState.AddModelError("key", "this is used to force ModelState.IsValid to false");
UserViewModel model = new UserViewModel();
// Act
ActionResult result = userController.Signup(model, null);
// Assert
ViewResult viewResult = result.AssertResultIs<ViewResult>();
Assert.That(viewResult.ViewName, Is.Not.EqualTo("Signup"));
Assert.That(userController.ModelState.Count, Is.EqualTo(1));
Assert.That(signupEmail.IsSent, Is.False);
}
public void ResetPassword_POST_Should_Not_Send_Email_With_Invalid_ModelState()
{
// Arrange
_applicationSettings.UseWindowsAuthentication = false;
SiteSettings siteSettings = _settingsService.GetSiteSettings();
ResetPasswordEmailStub resetEmail = new ResetPasswordEmailStub(_applicationSettings, _repository, _emailClientMock);
UserController userController = new UserController(_applicationSettings, _userService, _userContext, _settingsService, null, resetEmail);
userController.SetFakeControllerContext();
// Act
ActionResult result = userController.ResetPassword("fake email");
// Assert
ViewResult viewResult = result.AssertResultIs<ViewResult>();
viewResult.AssertViewRendered();
Assert.That(userController.ModelState.Count, Is.EqualTo(1));
Assert.That(resetEmail.IsSent, Is.EqualTo(false));
}
public void ResetPassword_POST_Should_Have_ResetPasswordSent_View_And_Should_Send_ResetPassword_Email()
{
// Arrange
_applicationSettings.UseWindowsAuthentication = false;
SiteSettings siteSettings = _settingsService.GetSiteSettings();
string email = "*****@*****.**";
_userService.AddUser(email, "test", "test", false, true);
_userService.Users.First(x => x.Email == email).IsActivated = true;
ResetPasswordEmailStub resetEmail = new ResetPasswordEmailStub(_applicationSettings, _repository, _emailClientMock);
UserController userController = new UserController(_applicationSettings, _userService, _userContext, _settingsService, null, resetEmail);
userController.SetFakeControllerContext();
// Act
ActionResult result = userController.ResetPassword(email);
// Assert
ViewResult viewResult = result.AssertResultIs<ViewResult>();
Assert.That(viewResult.ViewName, Is.EqualTo("ResetPasswordSent"));
Assert.That(resetEmail.IsSent, Is.True);
Assert.That(resetEmail.Model.ExistingEmail, Is.EqualTo(email));
Assert.That(resetEmail.Model.PasswordResetKey, Is.EqualTo(UserServiceMock.RESETKEY));
}
public void ResendConfirmation_POST_With_Invalid_Email_Should_Show_Signup_View()
{
// Arrange
_applicationSettings.UseWindowsAuthentication = false;
SiteSettings siteSettings = _settingsService.GetSiteSettings();
ResetPasswordEmailStub resetEmail = new ResetPasswordEmailStub(_applicationSettings, _repository, _emailClientMock);
UserController userController = new UserController(_applicationSettings, _userService, _userContext, _settingsService, null, resetEmail);
userController.SetFakeControllerContext();
// Act
ActionResult result = userController.ResendConfirmation("doesnt exist");
// Assert
ViewResult viewResult = result.AssertResultIs<ViewResult>();
Assert.That(viewResult.ViewName, Is.EqualTo("Signup"));
}
public void ResendConfirmation_POST_Should_SendEmail_And_Show_SignupComplete_View_And_Set_TempData()
{
// Arrange
_applicationSettings.UseWindowsAuthentication = false;
SiteSettings siteSettings = _settingsService.GetSiteSettings();
string email = "*****@*****.**";
_userService.AddUser(email, "test", "password", false, true);
UserViewModel model = new UserViewModel(_userService.GetUser("*****@*****.**", false));
SignupEmailStub signupEmail = new SignupEmailStub(_applicationSettings, _repository, _emailClientMock);
UserController userController = new UserController(_applicationSettings, _userService, _userContext, _settingsService, signupEmail, null);
userController.SetFakeControllerContext();
// Act
ActionResult result = userController.ResendConfirmation(email);
// Assert
ViewResult viewResult = result.AssertResultIs<ViewResult>();
Assert.That(viewResult.ViewName, Is.EqualTo("SignupComplete"));
Assert.That(viewResult.TempData["resend"], Is.EqualTo(true));
Assert.That(signupEmail.IsSent, Is.EqualTo(true));
}
public void Profile_POST_Should_Return_403_When_Updated_Id_Is_Not_Logged_In_User()
{
// Arrange
string loggedInEmail = "*****@*****.**";
string secondUserEmail = "*****@*****.**";
string secondUserNewEmail = "*****@*****.**";
_userService.AddUser(loggedInEmail, "profiletest", "password", false, true);
_userService.Users.First(x => x.Email == loggedInEmail).IsActivated = true;
Guid firstUserId = _userService.GetUser(loggedInEmail).Id;
_userService.AddUser(secondUserEmail, "seconduser", "password", false, true);
_userService.Users.First(x => x.Email == secondUserEmail).IsActivated = true;
Guid secondUserId = _userService.GetUser(secondUserEmail).Id;
_userContext.CurrentUser = firstUserId.ToString();
UserController userController = new UserController(_applicationSettings, _userService, _userContext, _settingsService, null, null);
userController.SetFakeControllerContext();
UserViewModel model = new UserViewModel(); // try to change the other user's email
model.Id = secondUserId;
model.ExistingEmail = secondUserEmail;
model.NewEmail = secondUserNewEmail;
model.Firstname = "test";
model.Lastname = "user";
model.ExistingUsername = "******";
model.NewUsername = "******";
// Act
ActionResult result = userController.Profile(model);
// Assert
Assert.That(result, Is.TypeOf<HttpStatusCodeResult>());
HttpStatusCodeResult redirectResult = result as HttpStatusCodeResult;
Assert.That(redirectResult.StatusCode, Is.EqualTo(403));
}
public void CompleteResetPassword_GET_Should_Return_CompleteResetPasswordInvalid_View_When_User_Is_Null()
{
// Arrange
UserController userController = new UserController(_applicationSettings, _userService, _userContext, _settingsService, null, null);
userController.SetFakeControllerContext();
// Act
ActionResult result = userController.CompleteResetPassword("invalidresetkey");
// Assert
ViewResult viewResult = result.AssertResultIs<ViewResult>();
Assert.That(viewResult.ViewName, Is.EqualTo("CompleteResetPasswordInvalid"));
}
public void CompleteResetPassword_GET_Should_Have_Correct_Model_And_ActionResult()
{
// Arrange
UserController userController = new UserController(_applicationSettings, _userService, _userContext, _settingsService, null, null);
userController.SetFakeControllerContext();
_userService.ResetPassword(AdminEmail);
// Act
ActionResult result = userController.CompleteResetPassword(UserServiceMock.RESETKEY);
// Assert
ViewResult viewResult = result.AssertResultIs<ViewResult>();
UserViewModel model = viewResult.ModelFromActionResult<UserViewModel>();
User expectedUser = _userService.Users[0];
Assert.That(model.Id, Is.EqualTo(expectedUser.Id));
Assert.That(model.NewEmail, Is.EqualTo(expectedUser.Email));
Assert.That(model.PasswordResetKey, Is.EqualTo(expectedUser.PasswordResetKey));
Assert.That(model.Firstname, Is.EqualTo(expectedUser.Firstname));
Assert.That(model.Lastname, Is.EqualTo(expectedUser.Lastname));
}