public async Task Create_should_add_user()
{
var identity = CreateIdentity(found: false);
var values = new UserValues
{
Email = identity.Email
};
SetupCreation(identity, 1);
await sut.CreateAsync(values.Email, values);
A.CallTo(() => userEvents.OnUserRegisteredAsync(A <IUser> .That.Matches(x => x.Identity == identity)))
.MustHaveHappened();
A.CallTo(() => userEvents.OnConsentGivenAsync(A <IUser> .That.Matches(x => x.Identity == identity)))
.MustNotHaveHappened();
A.CallTo(() => userManager.AddClaimsAsync(identity, HasClaim(SquidexClaimTypes.Permissions)))
.MustNotHaveHappened();
A.CallTo(() => userManager.AddPasswordAsync(identity, A <string> ._))
.MustNotHaveHappened();
A.CallTo(() => userManager.SetLockoutEndDateAsync(identity, A <DateTimeOffset> ._))
.MustNotHaveHappened();
}
public async Task <bool> CreateUserIfNotExists(string email, bool invited)
{
Guard.NotNullOrEmpty(email);
using (var scope = serviceProvider.CreateScope())
{
var userFactory = scope.ServiceProvider.GetRequiredService <IUserFactory>();
var userManager = scope.ServiceProvider.GetRequiredService <UserManager <IdentityUser> >();
var user = userFactory.Create(email);
try
{
var result = await userManager.CreateAsync(user);
if (result.Succeeded)
{
var values = new UserValues {
DisplayName = email, Invited = invited
};
await userManager.UpdateAsync(user, values);
}
return(result.Succeeded);
}
catch
{
return(false);
}
}
}
public async Task <(IUser?User, bool Created)> CreateUserIfNotExistsAsync(string email, bool invited = false,
CancellationToken ct = default)
{
Guard.NotNullOrEmpty(email, nameof(email));
await using (var scope = serviceProvider.CreateAsyncScope())
{
var userService = scope.ServiceProvider.GetRequiredService <IUserService>();
try
{
var values = new UserValues
{
Invited = invited
};
var user = await userService.CreateAsync(email, values, ct : ct);
return(user, true);
}
catch
{
}
var found = await FindByIdOrEmailAsync(email, ct);
return(found, false);
}
}
private static bool HasConsentGiven(UserValues values, IUser?oldUser)
{
if (values.Consent == true && oldUser?.Claims.HasConsent() != true)
{
return(true);
}
return(values.ConsentForEmails == true && oldUser?.Claims.HasConsentForEmails() != true);
}
public static Task <IdentityResult> GenerateClientSecretAsync(this UserManager <IdentityUser> userManager, IdentityUser user)
{
var update = new UserValues
{
ClientSecret = RandomHash.New()
};
return(update.SyncClaims(userManager, user));
}
public async Task Update_should_throw_exception_if_not_found()
{
var update = new UserValues
{
Email = "*****@*****.**"
};
var identity = CreateIdentity(found: false);
await Assert.ThrowsAsync <DomainObjectNotFoundException>(() => sut.UpdateAsync(identity.Id, update));
}
public async Task Update_should_not_invoke_events_if_silent()
{
var update = new UserValues();
var identity = CreateIdentity(found: true);
await sut.UpdateAsync(identity.Id, update, true);
A.CallTo(() => userEvents.OnUserUpdatedAsync(A <IUser> .That.Matches(x => x.Identity == identity), A <IUser> ._))
.MustNotHaveHappened();
}
public async Task Update_should_do_nothing_for_new_update()
{
var update = new UserValues();
var identity = CreateIdentity(found: true);
await sut.UpdateAsync(identity.Id, update);
A.CallTo(() => userEvents.OnUserUpdatedAsync(A <IUser> .That.Matches(x => x.Identity == identity), A <IUser> ._))
.MustHaveHappened();
}
public async Task <IUser> UpdateAsync(string id, UserValues values, bool silent = false,
CancellationToken ct = default)
{
Guard.NotNullOrEmpty(id);
Guard.NotNull(values);
var user = await GetUserAsync(id);
var oldUser = await ResolveAsync(user);
if (!string.IsNullOrWhiteSpace(values.Email) && values.Email != user.Email)
{
await userManager.SetEmailAsync(user, values.Email).Throw(log);
await userManager.SetUserNameAsync(user, values.Email).Throw(log);
}
await userManager.SyncClaims(user, values).Throw(log);
if (!string.IsNullOrWhiteSpace(values.Password))
{
if (await userManager.HasPasswordAsync(user))
{
await userManager.RemovePasswordAsync(user).Throw(log);
}
await userManager.AddPasswordAsync(user, values.Password).Throw(log);
}
var resolved = await ResolveAsync(user);
if (!silent)
{
foreach (var @events in userEvents)
{
await @events.OnUserUpdatedAsync(resolved, oldUser);
}
if (HasConsentGiven(values, oldUser))
{
foreach (var @events in userEvents)
{
await @events.OnConsentGivenAsync(resolved);
}
}
}
return(resolved);
}
public async Task Create_should_raise_event_if_consent_given()
{
var identity = CreateIdentity(found: false);
var values = new UserValues
{
Consent = true
};
SetupCreation(identity, 1);
await sut.CreateAsync(identity.Email, values);
A.CallTo(() => userEvents.OnConsentGivenAsync(A <IUser> .That.Matches(x => x.Identity == identity)))
.MustHaveHappened();
}
public async Task Create_should_lock_second_user()
{
var identity = CreateIdentity(found: false);
var values = new UserValues
{
Consent = true
};
SetupCreation(identity, 1);
await sut.CreateAsync(identity.Email, values, true);
A.CallTo(() => userManager.SetLockoutEndDateAsync(identity, InFuture()))
.MustHaveHappened();
}
public async Task Create_should_add_password()
{
var identity = CreateIdentity(found: false);
var values = new UserValues
{
Password = "******"
};
SetupCreation(identity, 1);
await sut.CreateAsync(identity.Email, values, false);
A.CallTo(() => userManager.AddPasswordAsync(identity, values.Password))
.MustHaveHappened();
}
public async Task Create_should_not_lock_first_user()
{
var identity = CreateIdentity(found: false);
var values = new UserValues
{
Consent = true
};
SetupCreation(identity, 0);
await sut.CreateAsync(identity.Email, values, true);
A.CallTo(() => userManager.SetLockoutEndDateAsync(identity, A <DateTimeOffset> ._))
.MustNotHaveHappened();
}
public async Task Create_should_set_admin_if_first_user()
{
var identity = CreateIdentity(found: false);
var values = new UserValues
{
Consent = true
};
SetupCreation(identity, 0);
await sut.CreateAsync(identity.Email, values);
A.CallTo(() => userManager.AddClaimsAsync(identity, HasClaim(SquidexClaimTypes.Permissions, Permissions.Admin)))
.MustHaveHappened();
}
public async Task Update_should_set_claim_if_email_consent_given()
{
var update = new UserValues
{
ConsentForEmails = true
};
var identity = CreateIdentity(found: true);
await sut.UpdateAsync(identity.Id, update);
A.CallTo <Task <IdentityResult> >(() => userManager.AddClaimsAsync(identity, HasClaim(SquidexClaimTypes.ConsentForEmails)))
.MustHaveHappened();
A.CallTo(() => userEvents.OnConsentGivenAsync(A <IUser> .That.Matches(x => x.Identity == identity)))
.MustHaveHappened();
}
public async Task Update_should_change_email_if_changed()
{
var update = new UserValues
{
Email = "*****@*****.**"
};
var identity = CreateIdentity(found: true);
await sut.UpdateAsync(identity.Id, update);
A.CallTo(() => userManager.SetEmailAsync(identity, update.Email))
.MustHaveHappened();
A.CallTo(() => userManager.SetUserNameAsync(identity, update.Email))
.MustHaveHappened();
}
public async Task Update_should_change_password_if_changed()
{
var update = new UserValues
{
Password = "******"
};
var identity = CreateIdentity(found: true);
A.CallTo(() => userManager.HasPasswordAsync(identity))
.Returns(true);
await sut.UpdateAsync(identity.Id, update);
A.CallTo(() => userManager.RemovePasswordAsync(identity))
.MustHaveHappened();
A.CallTo(() => userManager.AddPasswordAsync(identity, update.Password))
.MustHaveHappened();
}
public async Task SetClaimAsync(string id, string type, string value)
{
Guard.NotNullOrEmpty(id, nameof(id));
Guard.NotNullOrEmpty(type, nameof(type));
Guard.NotNullOrEmpty(value, nameof(value));
using (var scope = serviceProvider.CreateScope())
{
var userService = scope.ServiceProvider.GetRequiredService <IUserService>();
var values = new UserValues
{
CustomClaims = new List <Claim>
{
new Claim(type, value)
}
};
await userService.UpdateAsync(id, values);
}
}
public async Task SetClaimAsync(string id, string type, string value, bool silent = false,
CancellationToken ct = default)
{
Guard.NotNullOrEmpty(id, nameof(id));
Guard.NotNullOrEmpty(type, nameof(type));
Guard.NotNullOrEmpty(value, nameof(value));
await using (var scope = serviceProvider.CreateAsyncScope())
{
var userService = scope.ServiceProvider.GetRequiredService <IUserService>();
var values = new UserValues
{
CustomClaims = new List <Claim>
{
new Claim(type, value)
}
};
await userService.UpdateAsync(id, values, silent, ct);
}
}
public async Task <(IUser?User, bool Created)> CreateUserIfNotExistsAsync(string email, bool invited)
{
Guard.NotNullOrEmpty(email);
var created = false;
using (var scope = serviceProvider.CreateScope())
{
var userFactory = scope.ServiceProvider.GetRequiredService <IUserFactory>();
var userManager = scope.ServiceProvider.GetRequiredService <UserManager <IdentityUser> >();
try
{
var user = userFactory.Create(email);
var result = await userManager.CreateAsync(user);
if (result.Succeeded)
{
created = true;
var values = new UserValues {
DisplayName = email, Invited = invited
};
await userManager.UpdateAsync(user, values);
}
}
catch
{
}
var found = await userManager.FindByEmailWithClaimsAsync(email);
return(found, created);
}
}
public async Task <bool> CreateUserIfNotExists(string email, bool invited)
{
var user = userFactory.Create(email);
try
{
var result = await userManager.CreateAsync(user);
if (result.Succeeded)
{
var values = new UserValues {
DisplayName = email, Invited = invited
};
await userManager.UpdateAsync(user, values);
}
return(result.Succeeded);
}
catch
{
return(false);
}
}
public static async Task <UserWithClaims> CreateAsync(this UserManager <IdentityUser> userManager, IUserFactory factory, UserValues values)
{
var user = factory.Create(values.Email);
try
{
await DoChecked(() => userManager.CreateAsync(user));
await DoChecked(() => values.SyncClaims(userManager, user));
if (!string.IsNullOrWhiteSpace(values.Password))
{
await DoChecked(() => userManager.AddPasswordAsync(user, values.Password));
}
}
catch
{
await userManager.DeleteAsync(user);
throw;
}
return((await userManager.ResolveUserAsync(user)) !);
}
public static async Task <IdentityResult> UpdateSafeAsync(this UserManager <IdentityUser> userManager, IdentityUser user, UserValues values)
{
try
{
await userManager.UpdateAsync(user, values);
return(IdentityResult.Success);
}
catch (ValidationException ex)
{
return(IdentityResult.Failed(ex.Errors.Select(x => new IdentityError {
Description = x.Message
}).ToArray()));
}
}
public static async Task UpdateAsync(this UserManager <IdentityUser> userManager, IdentityUser user, UserValues values)
{
if (user == null)
{
throw new DomainObjectNotFoundException("Id", typeof(IdentityUser));
}
if (!string.IsNullOrWhiteSpace(values.Email) && values.Email != user.Email)
{
await DoChecked(() => userManager.SetEmailAsync(user, values.Email), "Cannot update email.");
await DoChecked(() => userManager.SetUserNameAsync(user, values.Email), "Cannot update email.");
}
await DoChecked(() => userManager.SyncClaimsAsync(user, values.ToClaims(false)), "Cannot update user.");
if (!string.IsNullOrWhiteSpace(values.Password))
{
await DoChecked(() => userManager.RemovePasswordAsync(user), "Cannot replace password.");
await DoChecked(() => userManager.AddPasswordAsync(user, values.Password), "Cannot replace password.");
}
}
public static async Task UpdateAsync(this UserManager <IdentityUser> userManager, string id, UserValues values)
{
var user = await userManager.FindByIdAsync(id);
if (user == null)
{
throw new DomainObjectNotFoundException(id, typeof(IdentityUser));
}
await UpdateAsync(userManager, user, values);
}
public static Task <IdentityResult> SyncClaims(this UserManager <IdentityUser> userManager, IdentityUser user, UserValues values)
{
return(values.SyncClaims(userManager, user));
}
public static async Task UpdateAsync(this UserManager <IdentityUser> userManager, IdentityUser user, UserValues values)
{
Guard.NotNull(user, nameof(user));
Guard.NotNull(values, nameof(values));
if (!string.IsNullOrWhiteSpace(values.Email) && values.Email != user.Email)
{
await DoChecked(() => userManager.SetEmailAsync(user, values.Email));
await DoChecked(() => userManager.SetUserNameAsync(user, values.Email));
}
await DoChecked(() => values.SyncClaims(userManager, user));
if (!string.IsNullOrWhiteSpace(values.Password))
{
await DoChecked(() => userManager.RemovePasswordAsync(user));
await DoChecked(() => userManager.AddPasswordAsync(user, values.Password));
}
}
public static async Task <UserWithClaims> CreateAsync(this UserManager <IdentityUser> userManager, IUserFactory factory, UserValues values)
{
var user = factory.Create(values.Email);
try
{
await DoChecked(() => userManager.CreateAsync(user), "Cannot create user.");
var claims = values.ToClaims(true);
if (claims.Count > 0)
{
await DoChecked(() => userManager.AddClaimsAsync(user, claims), "Cannot add user.");
}
if (!string.IsNullOrWhiteSpace(values.Password))
{
await DoChecked(() => userManager.AddPasswordAsync(user, values.Password), "Cannot create user.");
}
}
catch
{
await userManager.DeleteAsync(user);
throw;
}
return((await userManager.ResolveUserAsync(user)) !);
}
public static async Task <UserWithClaims> UpdateAsync(this UserManager <IdentityUser> userManager, string id, UserValues values)
{
var user = await userManager.FindByIdAsync(id);
if (user == null)
{
throw new DomainObjectNotFoundException(id);
}
await UpdateAsync(userManager, user, values);
return((await userManager.ResolveUserAsync(user)) !);
}