From 79ab2b304d93b1029515bd3f954db4e5a73f4168 Mon Sep 17 00:00:00 2001 From: crupest Date: Thu, 30 Jan 2020 20:26:52 +0800 Subject: ... --- .../IntegratedTests/AuthorizationTest.cs | 4 +- Timeline.Tests/IntegratedTests/I18nTest.cs | 59 --- .../IntegratedTests/IntegratedTestBase.cs | 117 ++++-- .../IntegratedTests/PersonalTimelineTest.cs | 37 +- Timeline.Tests/IntegratedTests/TokenTest.cs | 18 +- Timeline.Tests/IntegratedTests/UserAvatarTest.cs | 45 ++- Timeline.Tests/IntegratedTests/UserDetailTest.cs | 154 -------- Timeline.Tests/IntegratedTests/UserTest.cs | 427 ++++++++++++++------- 8 files changed, 421 insertions(+), 440 deletions(-) delete mode 100644 Timeline.Tests/IntegratedTests/I18nTest.cs delete mode 100644 Timeline.Tests/IntegratedTests/UserDetailTest.cs (limited to 'Timeline.Tests/IntegratedTests') diff --git a/Timeline.Tests/IntegratedTests/AuthorizationTest.cs b/Timeline.Tests/IntegratedTests/AuthorizationTest.cs index 0bc094af..4aa6b3ae 100644 --- a/Timeline.Tests/IntegratedTests/AuthorizationTest.cs +++ b/Timeline.Tests/IntegratedTests/AuthorizationTest.cs @@ -22,7 +22,7 @@ namespace Timeline.Tests.IntegratedTests [Fact] public async Task UnauthenticationTest() { - using var client = await CreateClientWithNoAuth(); + using var client = await CreateDefaultClient(); var response = await client.GetAsync(AuthorizeUrl); response.Should().HaveStatusCode(HttpStatusCode.Unauthorized); } @@ -48,7 +48,7 @@ namespace Timeline.Tests.IntegratedTests [Fact] public async Task AdminAuthorizationTest() { - using var client = await CreateClientAsAdmin(); + using var client = await CreateClientAsAdministrator(); var response1 = await client.GetAsync(UserUrl); response1.Should().HaveStatusCode(HttpStatusCode.OK); var response2 = await client.GetAsync(AdminUrl); diff --git a/Timeline.Tests/IntegratedTests/I18nTest.cs b/Timeline.Tests/IntegratedTests/I18nTest.cs deleted file mode 100644 index 855179af..00000000 
--- a/Timeline.Tests/IntegratedTests/I18nTest.cs +++ /dev/null @@ -1,59 +0,0 @@ -using FluentAssertions; -using Microsoft.AspNetCore.Mvc.Testing; -using System; -using System.Net.Http; -using System.Net.Http.Headers; -using System.Threading.Tasks; -using Timeline.Tests.Helpers; -using Xunit; - -namespace Timeline.Tests.IntegratedTests -{ - [System.Diagnostics.CodeAnalysis.SuppressMessage("Design", "CA1054:Uri parameters should not be strings")] - public class I18nTest : IntegratedTestBase - { - private readonly HttpClient _client; - - public I18nTest(WebApplicationFactory factory) - : base(factory) - { - _client = Factory.CreateDefaultClient(); - } - - protected override void OnDispose() - { - _client.Dispose(); - } - - private const string DirectUrl = "testing/i18n/direct"; - private const string LocalizerUrl = "testing/i18n/localizer"; - - [Theory] - [InlineData(DirectUrl)] - [InlineData(LocalizerUrl)] - public async Task DefaultShouldReturnEnglish(string url) - { - (await _client.GetStringAsync(url)).Should().ContainEquivalentOf("English"); - } - - [Theory] - [InlineData(DirectUrl, "en", true)] - [InlineData(LocalizerUrl, "en", true)] - [InlineData(DirectUrl, "en-US", true)] - [InlineData(LocalizerUrl, "en-US", true)] - [InlineData(DirectUrl, "zh", false)] - [InlineData(LocalizerUrl, "zh", false)] - public async Task ShouldWork(string url, string acceptLanguage, bool english) - { - var request = new HttpRequestMessage - { - Method = HttpMethod.Get, - RequestUri = new Uri(url, UriKind.RelativeOrAbsolute) - }; - request.Headers.AcceptLanguage.Add(new StringWithQualityHeaderValue(acceptLanguage)); - var body = await (await _client.SendAsync(request)).Content.ReadAsStringAsync(); - body.Should().ContainEquivalentOf(english ? "English" : "中文"); - request.Dispose(); - } - } -} diff --git a/Timeline.Tests/IntegratedTests/IntegratedTestBase.cs b/Timeline.Tests/IntegratedTests/IntegratedTestBase.cs index 242a452d..721a25af 100644 
--- a/Timeline.Tests/IntegratedTests/IntegratedTestBase.cs +++ b/Timeline.Tests/IntegratedTests/IntegratedTestBase.cs @@ -1,36 +1,17 @@ -using Microsoft.AspNetCore.Mvc.Testing; +using AutoMapper; +using Microsoft.AspNetCore.Mvc.Testing; +using Microsoft.Extensions.DependencyInjection; using System; -using System.Collections.Generic; +using System.Collections.Generic; using System.Net.Http; using System.Threading.Tasks; using Timeline.Models.Http; +using Timeline.Services; using Timeline.Tests.Helpers; using Xunit; namespace Timeline.Tests.IntegratedTests { - public enum AuthType - { - None, - User, - Admin - } - - public static class AuthTypeExtensions - { - public static MockUser GetMockUser(this AuthType authType) - { - return authType switch - { - AuthType.None => null, - AuthType.User => MockUser.User, - AuthType.Admin => MockUser.Admin, - _ => throw new InvalidOperationException("Unknown auth type.") - }; - } - - public static string GetUsername(this AuthType authType) => authType.GetMockUser().Username; - } public abstract class IntegratedTestBase : IClassFixture>, IDisposable { 
@@ -38,14 +19,62 @@ namespace Timeline.Tests.IntegratedTests protected WebApplicationFactory Factory => TestApp.Factory; - public IntegratedTestBase(WebApplicationFactory factory) + public IntegratedTestBase(WebApplicationFactory factory) : this(factory, 1) + { + + } + + public IntegratedTestBase(WebApplicationFactory factory, int userCount) { + if (userCount < 0) + throw new ArgumentOutOfRangeException(nameof(userCount), userCount, "User count can't be negative."); + TestApp = new TestApplication(factory); + + using (var scope = Factory.Services.CreateScope()) + { + var users = new List() + { + new User + { + Username = "admin", + Password = "adminpw", + Administrator = true, + Nickname = "administrator" + } + }; + + for (int i = 1; i <= userCount; i++) + { + users.Add(new User + { + Username = $"user{i}", + Password = $"user{i}pw", + Administrator = false, + Nickname = $"imuser{i}" + }); + } + + var userInfoList = new List(); + var userInfoForAdminList = new List(); + + var userService = scope.ServiceProvider.GetRequiredService(); + var mapper = scope.ServiceProvider.GetRequiredService(); + + foreach (var user in users) + { + userService.CreateUser(user); + userInfoList.Add(mapper.Map(user)); + userInfoForAdminList.Add(mapper.Map(user)); + } + + UserInfoList = userInfoList; + UserInfoForAdminList = userInfoForAdminList; + } } protected virtual void OnDispose() { - } public void Dispose() @@ -54,14 +83,11 @@ namespace Timeline.Tests.IntegratedTests TestApp.Dispose(); } - protected void CreateExtraMockUsers(int count) - { - TestApp.Database.CreateExtraMockUsers(count); - } + public IReadOnlyList UserInfoList { get; } - protected IReadOnlyList ExtraMockUsers => TestApp.Database.ExtraMockUsers; + public IReadOnlyList UserInfoForAdminList { get; } - public Task CreateClientWithNoAuth() + public Task CreateDefaultClient() { return Task.FromResult(Factory.CreateDefaultClient()); } 
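Review bot: In the new `IntegratedTestBase(factory, userCount)` constructor, `userService.CreateUser(user);` discards its result. The other service calls visible in this patch (`await userService.PatchUser(...)` and `await userService.DeleteUser(...)` in TokenTest.cs) are awaited, so if `CreateUser` also returns a `Task`, the seeding is fire-and-forget, and a failed or unfinished insert would surface later as a login failure in an unrelated test. A constructor cannot await, so the seeding loop would fit better in xUnit's `IAsyncLifetime.InitializeAsync`, using `await userService.CreateUser(user);`. If `CreateUser` is in fact synchronous, a one-line comment saying so next to the call would settle the question.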
@@ -77,18 +103,25 @@ namespace Timeline.Tests.IntegratedTests return client; } - public Task CreateClientAs(MockUser user) + public Task CreateClientAs(int userNumber) { - if (user == null) - return CreateClientWithNoAuth(); - return CreateClientWithCredential(user.Username, user.Password); - } - - public Task CreateClientAs(AuthType authType) => CreateClientAs(authType.GetMockUser()); - + if (userNumber < 0) + throw new ArgumentOutOfRangeException(nameof(userNumber), "User number can't be negative."); - public Task CreateClientAsUser() => CreateClientAs(MockUser.User); - public Task CreateClientAsAdmin() => CreateClientAs(MockUser.Admin); + if (userNumber == 0) + return CreateClientWithCredential("admin", "adminpw"); + else + return CreateClientWithCredential($"user{userNumber}", $"user{userNumber}pw"); + } + public Task CreateClientAsAdministrator() + { + return CreateClientAs(0); + } + + public Task CreateClientAsUser() + { + return CreateClientAs(1); + } } } diff --git a/Timeline.Tests/IntegratedTests/PersonalTimelineTest.cs b/Timeline.Tests/IntegratedTests/PersonalTimelineTest.cs index 51e2d05e..14600659 100644 --- a/Timeline.Tests/IntegratedTests/PersonalTimelineTest.cs +++ b/Timeline.Tests/IntegratedTests/PersonalTimelineTest.cs @@ -5,7 +5,6 @@ using System.Collections.Generic; using System.Linq; using System.Net.Http; using System.Threading.Tasks; -using Timeline.Models; using Timeline.Models.Http; using Timeline.Tests.Helpers; using Xunit; @@ -15,7 +14,7 @@ namespace Timeline.Tests.IntegratedTests public class PersonalTimelineTest : IntegratedTestBase { public PersonalTimelineTest(WebApplicationFactory factory) - : base(factory) + : base(factory, 3) { } 
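Review bot: `CreateClientAs(int userNumber)` rejects negative numbers but not numbers above the seeded count. A call such as `CreateClientAs(5)` in a class constructed with `userCount` 3 attempts a login for `user5`, which was never created, and the failure appears inside `CreateClientWithCredential` rather than as an argument error. The seeded lists hold the administrator plus `userCount` users, so the guard can be `if (userNumber < 0 || userNumber >= UserInfoList.Count) throw new ArgumentOutOfRangeException(nameof(userNumber), userNumber, "No such seeded user.");`. The `admin`/`adminpw` and `user{n}`/`user{n}pw` literals are also repeated here and in the constructor; keeping the seeded `User` objects in one place (or adding two small helpers for username and password) would stop the copies drifting apart and producing authentication failures that look like regressions.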
@@ -23,11 +22,11 @@ namespace Timeline.Tests.IntegratedTests [Fact] public async Task TimelineGet_Should_Work() { - using var client = await CreateClientWithNoAuth(); - var res = await client.GetAsync("users/user/timeline"); + using var client = await CreateDefaultClient(); + var res = await client.GetAsync("users/user1/timeline"); var body = res.Should().HaveStatusCode(200) .And.HaveJsonBody().Which; - body.Owner.Should().Be("user"); + body.Owner.Should().BeEquivalentTo(UserInfoList[1]); body.Visibility.Should().Be(TimelineVisibility.Register); body.Description.Should().Be(""); body.Members.Should().NotBeNull().And.BeEmpty(); @@ -40,7 +39,7 @@ namespace Timeline.Tests.IntegratedTests async Task AssertDescription(string description) { - var res = await client.GetAsync("users/user/timeline"); + var res = await client.GetAsync("users/user1/timeline"); var body = res.Should().HaveStatusCode(200) .And.HaveJsonBody() .Which.Description.Should().Be(description); 
@@ -50,20 +49,20 @@ namespace Timeline.Tests.IntegratedTests await AssertDescription(""); { - var res = await client.PostAsJsonAsync("users/user/timeline/op/property", - new TimelinePropertyChangeRequest { Description = mockDescription }); + var res = await client.PatchAsJsonAsync("users/user1/timeline", + new TimelinePatchRequest { Description = mockDescription }); res.Should().HaveStatusCode(200); await AssertDescription(mockDescription); } { - var res = await client.PostAsJsonAsync("users/user/timeline/op/property", - new TimelinePropertyChangeRequest { Description = null }); + var res = await client.PatchAsJsonAsync("users/user1/timeline", + new TimelinePatchRequest { Description = null }); res.Should().HaveStatusCode(200); await AssertDescription(mockDescription); } { - var res = await client.PostAsJsonAsync("users/user/timeline/op/property", - new TimelinePropertyChangeRequest { Description = "" }); + var res = await client.PatchAsJsonAsync("users/user1/timeline", + new TimelinePatchRequest { Description = "" }); res.Should().HaveStatusCode(200); await AssertDescription(""); } @@ -141,13 +140,13 @@ namespace Timeline.Tests.IntegratedTests { var res = await client.PostAsJsonAsync("users/user/timeline/op/property", - new TimelinePropertyChangeRequest { Description = "hahaha" }); + new TimelinePatchRequest { Description = "hahaha" }); res.Should().HaveStatusCode(opPropertyUser); } { var res = await client.PostAsJsonAsync("users/admin/timeline/op/property", - new TimelinePropertyChangeRequest { Description = "hahaha" }); + new TimelinePatchRequest { Description = "hahaha" }); res.Should().HaveStatusCode(opPropertyAdmin); } 
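Review bot: The hunk at `@@ -141,13 +140,13 @@` only renames the request type, so the permission checks still send `PostAsJsonAsync("users/user/timeline/op/property", …)`, while the previous hunk in this file moved the same operation to `PatchAsJsonAsync("users/user1/timeline", …)` and the fixture now seeds `user1`…`userN` instead of `user`. If the old route or the `user` account no longer exists, the `opPropertyUser`/`opPropertyAdmin` expectations would be compared against a not-found response rather than an authorization decision. The same applies to the hunks at `@@ -193,7 +192,7 @@` and `@@ -208,12 +207,12 @@`, whose context lines also still call `CreateClientAsAdmin()`, which this commit replaces with `CreateClientAsAdministrator()` in IntegratedTestBase.cs. These calls should be migrated together, e.g. `await client.PatchAsJsonAsync("users/user1/timeline", new TimelinePatchRequest { Description = "hahaha" });`. The enclosing test methods start and end outside these hunks.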
@@ -193,7 +192,7 @@ namespace Timeline.Tests.IntegratedTests { using var client = await CreateClientAsUser(); var res = await client.PostAsJsonAsync("users/user/timeline/op/property", - new TimelinePropertyChangeRequest { Visibility = TimelineVisibility.Public }); + new TimelinePatchRequest { Visibility = TimelineVisibility.Public }); res.Should().HaveStatusCode(200); } { @@ -208,12 +207,12 @@ namespace Timeline.Tests.IntegratedTests using var client = await CreateClientAsAdmin(); { var res = await client.PostAsJsonAsync("users/user/timeline/op/property", - new TimelinePropertyChangeRequest { Visibility = TimelineVisibility.Private }); + new TimelinePatchRequest { Visibility = TimelineVisibility.Private }); res.Should().HaveStatusCode(200); } { var res = await client.PostAsJsonAsync("users/admin/timeline/op/property", - new TimelinePropertyChangeRequest { Visibility = TimelineVisibility.Private }); + new TimelinePatchRequest { Visibility = TimelineVisibility.Private }); res.Should().HaveStatusCode(200); } } @@ -331,7 +330,7 @@ namespace Timeline.Tests.IntegratedTests } { // self can delete self - var postId = await CreatePost(MockUser.User, "user"); + var postId = await CreatePost(MockUser.Ordinary, "user"); using var client = await CreateClientAsUser(); var res = await client.PostAsJsonAsync("users/user/timeline/postop/delete", new TimelinePostDeleteRequest { Id = postId }); @@ -339,7 +338,7 @@ namespace Timeline.Tests.IntegratedTests } { // admin can delete any - var postId = await CreatePost(MockUser.User, "user"); + var postId = await CreatePost(MockUser.Ordinary, "user"); using var client = await CreateClientAsAdmin(); var res = await client.PostAsJsonAsync("users/user/timeline/postop/delete", new TimelinePostDeleteRequest { Id = postId }); diff --git a/Timeline.Tests/IntegratedTests/TokenTest.cs b/Timeline.Tests/IntegratedTests/TokenTest.cs index ecd5d0b8..8ee19999 100644 --- a/Timeline.Tests/IntegratedTests/TokenTest.cs 
+++ b/Timeline.Tests/IntegratedTests/TokenTest.cs @@ -53,7 +53,7 @@ namespace Timeline.Tests.IntegratedTests public static IEnumerable CreateToken_UserCredential_Data() { yield return new[] { "usernotexist", "p" }; - yield return new[] { MockUser.User.Username, "???" }; + yield return new[] { MockUser.Ordinary.Username, "???" }; } [Theory] @@ -73,11 +73,11 @@ namespace Timeline.Tests.IntegratedTests { using var client = await CreateClientWithNoAuth(); var response = await client.PostAsJsonAsync(CreateTokenUrl, - new CreateTokenRequest { Username = MockUser.User.Username, Password = MockUser.User.Password }); + new CreateTokenRequest { Username = MockUser.Ordinary.Username, Password = MockUser.Ordinary.Password }); var body = response.Should().HaveStatusCode(200) .And.HaveJsonBody().Which; body.Token.Should().NotBeNullOrWhiteSpace(); - body.User.Should().BeEquivalentTo(MockUser.User.Info); + body.User.Should().BeEquivalentTo(MockUser.Ordinary.Info); } [Fact] @@ -103,13 +103,13 @@ namespace Timeline.Tests.IntegratedTests public async Task VerifyToken_OldVersion() { using var client = await CreateClientWithNoAuth(); - var token = (await CreateUserTokenAsync(client, MockUser.User.Username, MockUser.User.Password)).Token; + var token = (await CreateUserTokenAsync(client, MockUser.Ordinary.Username, MockUser.Ordinary.Password)).Token; using (var scope = Factory.Server.Host.Services.CreateScope()) // UserService is scoped. { // create a user for test var userService = scope.ServiceProvider.GetRequiredService(); - await userService.PatchUser(MockUser.User.Username, null, null); + await userService.PatchUser(MockUser.Ordinary.Username, null, null); } (await client.PostAsJsonAsync(VerifyTokenUrl, 
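Review bot: Every test touched in TokenTest.cs still obtains its client with `CreateClientWithNoAuth()` (context lines of the hunks at `@@ -73,11 +73,11 @@`, `@@ -103,13 +103,13 @@`, `@@ -123,12 +123,12 @@` and `@@ -160,12 +160,12 @@`). This commit renames that helper to `CreateDefaultClient()` in IntegratedTestBase.cs, so the file would not compile unless another definition exists outside this patch. The line should become `using var client = await CreateDefaultClient();`. The credentials also still come from `MockUser.Ordinary`, while the base class now seeds `user1`/`user1pw`; if `MockUser.Ordinary` does not carry those values, the success-path token tests would fail at login, so `"user1"`, `"user1pw"` and `UserInfoList[1]` are the safer expectations.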
@@ -123,12 +123,12 @@ namespace Timeline.Tests.IntegratedTests public async Task VerifyToken_UserNotExist() { using var client = await CreateClientWithNoAuth(); - var token = (await CreateUserTokenAsync(client, MockUser.User.Username, MockUser.User.Password)).Token; + var token = (await CreateUserTokenAsync(client, MockUser.Ordinary.Username, MockUser.Ordinary.Password)).Token; using (var scope = Factory.Server.Host.Services.CreateScope()) // UserService is scoped. { var userService = scope.ServiceProvider.GetRequiredService(); - await userService.DeleteUser(MockUser.User.Username); + await userService.DeleteUser(MockUser.Ordinary.Username); } (await client.PostAsJsonAsync(VerifyTokenUrl, @@ -160,12 +160,12 @@ namespace Timeline.Tests.IntegratedTests public async Task VerifyToken_Success() { using var client = await CreateClientWithNoAuth(); - var createTokenResult = await CreateUserTokenAsync(client, MockUser.User.Username, MockUser.User.Password); + var createTokenResult = await CreateUserTokenAsync(client, MockUser.Ordinary.Username, MockUser.Ordinary.Password); var response = await client.PostAsJsonAsync(VerifyTokenUrl, new VerifyTokenRequest { Token = createTokenResult.Token }); response.Should().HaveStatusCode(200) .And.HaveJsonBody() - .Which.User.Should().BeEquivalentTo(MockUser.User.Info); + .Which.User.Should().BeEquivalentTo(MockUser.Ordinary.Info); } } } diff --git a/Timeline.Tests/IntegratedTests/UserAvatarTest.cs b/Timeline.Tests/IntegratedTests/UserAvatarTest.cs index a4e10634..989207e2 100644 --- a/Timeline.Tests/IntegratedTests/UserAvatarTest.cs +++ b/Timeline.Tests/IntegratedTests/UserAvatarTest.cs @@ -29,7 +29,6 @@ namespace Timeline.Tests.IntegratedTests } [Fact] - [System.Diagnostics.CodeAnalysis.SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope", Justification = "HttpMessageRequest should be disposed ???")] public async Task Test() { Avatar mockAvatar = new Avatar 
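Review bot: Removing the CA2000 suppression from `Test()` in UserAvatarTest.cs leaves the `HttpRequestMessage` instances built later in the method without visible disposal. They appear in the hunks at `@@ -78,7 +77,7 @@`, `@@ -90,7 +89,7 @@` and `@@ -101,7 +100,7 @@` as plain `var request = new HttpRequestMessage()`. Declaring each one as `using var request = new HttpRequestMessage()` inside its block would satisfy the analyzer and release the request after each check. The body of `Test()` continues outside this hunk, so disposal may exist in lines not shown.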
@@ -61,7 +60,7 @@ namespace Timeline.Tests.IntegratedTests EntityTagHeaderValue eTag; { - var res = await client.GetAsync($"users/user/avatar"); + var res = await client.GetAsync($"users/user1/avatar"); res.Should().HaveStatusCode(200); res.Content.Headers.ContentType.MediaType.Should().Be("image/png"); var body = await res.Content.ReadAsByteArrayAsync(); @@ -78,7 +77,7 @@ namespace Timeline.Tests.IntegratedTests { var request = new HttpRequestMessage() { - RequestUri = new Uri(client.BaseAddress, "users/user/avatar"), + RequestUri = new Uri(client.BaseAddress, "users/user1/avatar"), Method = HttpMethod.Get, }; request.Headers.TryAddWithoutValidation("If-None-Match", "\"dsdfd"); @@ -90,7 +89,7 @@ namespace Timeline.Tests.IntegratedTests { var request = new HttpRequestMessage() { - RequestUri = new Uri(client.BaseAddress, "users/user/avatar"), + RequestUri = new Uri(client.BaseAddress, "users/user1/avatar"), Method = HttpMethod.Get, }; request.Headers.TryAddWithoutValidation("If-None-Match", "\"aaa\""); @@ -101,7 +100,7 @@ namespace Timeline.Tests.IntegratedTests { var request = new HttpRequestMessage() { - RequestUri = new Uri(client.BaseAddress, "users/user/avatar"), + RequestUri = new Uri(client.BaseAddress, "users/user1/avatar"), Method = HttpMethod.Get, }; request.Headers.Add("If-None-Match", eTag.ToString()); @@ -112,7 +111,7 @@ namespace Timeline.Tests.IntegratedTests { var content = new ByteArrayContent(new[] { (byte)0x00 }); content.Headers.ContentType = new MediaTypeHeaderValue("image/png"); - var res = await client.PutAsync("users/user/avatar", content); + var res = await client.PutAsync("users/user1/avatar", content); res.Should().HaveStatusCode(HttpStatusCode.BadRequest) .And.HaveCommonBody().Which.Code.Should().Be(ErrorCodes.Common.Header.ContentLength_Missing); ; } 
@@ -120,7 +119,7 @@ namespace Timeline.Tests.IntegratedTests { var content = new ByteArrayContent(new[] { (byte)0x00 }); content.Headers.ContentLength = 1; - var res = await client.PutAsync("users/user/avatar", content); + var res = await client.PutAsync("users/user1/avatar", content); res.Should().HaveStatusCode(HttpStatusCode.BadRequest) .And.HaveCommonBody().Which.Code.Should().Be(ErrorCodes.Common.Header.ContentType_Missing); } @@ -129,13 +128,13 @@ namespace Timeline.Tests.IntegratedTests var content = new ByteArrayContent(new[] { (byte)0x00 }); content.Headers.ContentLength = 0; content.Headers.ContentType = new MediaTypeHeaderValue("image/png"); - var res = await client.PutAsync("users/user/avatar", content); + var res = await client.PutAsync("users/user1/avatar", content); res.Should().HaveStatusCode(HttpStatusCode.BadRequest) .And.HaveCommonBody().Which.Code.Should().Be(ErrorCodes.Common.Header.ContentLength_Zero); } { - var res = await client.PutByteArrayAsync("users/user/avatar", new[] { (byte)0x00 }, "image/notaccept"); + var res = await client.PutByteArrayAsync("users/user1/avatar", new[] { (byte)0x00 }, "image/notaccept"); res.Should().HaveStatusCode(HttpStatusCode.UnsupportedMediaType); } @@ -143,7 +142,7 @@ namespace Timeline.Tests.IntegratedTests var content = new ByteArrayContent(new[] { (byte)0x00 }); content.Headers.ContentLength = 1000 * 1000 * 11; content.Headers.ContentType = new MediaTypeHeaderValue("image/png"); - var res = await client.PutAsync("users/user/avatar", content); + var res = await client.PutAsync("users/user1/avatar", content); res.Should().HaveStatusCode(HttpStatusCode.BadRequest) .And.HaveCommonBody().Which.Code.Should().Be(ErrorCodes.Common.Content.TooBig); } 
@@ -152,7 +151,7 @@ namespace Timeline.Tests.IntegratedTests var content = new ByteArrayContent(new[] { (byte)0x00 }); content.Headers.ContentLength = 2; content.Headers.ContentType = new MediaTypeHeaderValue("image/png"); - var res = await client.PutAsync("users/user/avatar", content); + var res = await client.PutAsync("users/user1/avatar", content); res.Should().HaveStatusCode(HttpStatusCode.BadRequest) .And.HaveCommonBody().Which.Code.Should().Be(ErrorCodes.Common.Content.UnmatchedLength_Smaller); } 
@@ -161,34 +160,34 @@ namespace Timeline.Tests.IntegratedTests var content = new ByteArrayContent(new[] { (byte)0x00, (byte)0x01 }); content.Headers.ContentLength = 1; content.Headers.ContentType = new MediaTypeHeaderValue("image/png"); - var res = await client.PutAsync("users/user/avatar", content); + var res = await client.PutAsync("users/user1/avatar", content); res.Should().HaveStatusCode(HttpStatusCode.BadRequest) .And.HaveCommonBody().Which.Code.Should().Be(ErrorCodes.Common.Content.UnmatchedLength_Bigger); } { - var res = await client.PutByteArrayAsync("users/user/avatar", new[] { (byte)0x00 }, "image/png"); + var res = await client.PutByteArrayAsync("users/user1/avatar", new[] { (byte)0x00 }, "image/png"); res.Should().HaveStatusCode(HttpStatusCode.BadRequest) .And.HaveCommonBody().Which.Code.Should().Be(ErrorCodes.UserAvatar.BadFormat_CantDecode); } { - var res = await client.PutByteArrayAsync("users/user/avatar", mockAvatar.Data, "image/jpeg"); + var res = await client.PutByteArrayAsync("users/user1/avatar", mockAvatar.Data, "image/jpeg"); res.Should().HaveStatusCode(HttpStatusCode.BadRequest) .And.HaveCommonBody().Which.Code.Should().Be(ErrorCodes.UserAvatar.BadFormat_UnmatchedFormat); } { - var res = await client.PutByteArrayAsync("users/user/avatar", ImageHelper.CreatePngWithSize(100, 200), "image/png"); + var res = await client.PutByteArrayAsync("users/user1/avatar", ImageHelper.CreatePngWithSize(100, 200), "image/png"); res.Should().HaveStatusCode(HttpStatusCode.BadRequest) .And.HaveCommonBody().Which.Code.Should().Be(ErrorCodes.UserAvatar.BadFormat_BadSize); } { - var res = await client.PutByteArrayAsync("users/user/avatar", mockAvatar.Data, mockAvatar.Type); + var res = await client.PutByteArrayAsync("users/user1/avatar", mockAvatar.Data, mockAvatar.Type); res.Should().HaveStatusCode(HttpStatusCode.OK); - var res2 = await client.GetAsync("users/user/avatar"); + var res2 = await client.GetAsync("users/user1/avatar"); 
res2.Should().HaveStatusCode(200); res2.Content.Headers.ContentType.MediaType.Should().Be(mockAvatar.Type); var body = await res2.Content.ReadAsByteArrayAsync(); @@ -204,7 +203,7 @@ namespace Timeline.Tests.IntegratedTests foreach ((var mimeType, var format) in formats) { - var res = await client.PutByteArrayAsync("users/user/avatar", ImageHelper.CreateImageWithSize(100, 100, format), mimeType); + var res = await client.PutByteArrayAsync("users/user1/avatar", ImageHelper.CreateImageWithSize(100, 100, format), mimeType); res.Should().HaveStatusCode(HttpStatusCode.OK); } @@ -222,22 +221,22 @@ namespace Timeline.Tests.IntegratedTests for (int i = 0; i < 2; i++) // double delete should work. { - var res = await client.DeleteAsync("users/user/avatar"); + var res = await client.DeleteAsync("users/user1/avatar"); res.Should().HaveStatusCode(200); await GetReturnDefault(); } } // Authorization check. - using (var client = await CreateClientAsAdmin()) + using (var client = await CreateClientAsAdministrator()) { { - var res = await client.PutByteArrayAsync("users/user/avatar", mockAvatar.Data, mockAvatar.Type); + var res = await client.PutByteArrayAsync("users/user1/avatar", mockAvatar.Data, mockAvatar.Type); res.Should().HaveStatusCode(HttpStatusCode.OK); } { - var res = await client.DeleteAsync("users/user/avatar"); + var res = await client.DeleteAsync("users/user1/avatar"); res.Should().HaveStatusCode(HttpStatusCode.OK); } @@ -256,7 +255,7 @@ namespace Timeline.Tests.IntegratedTests } // bad username check - using (var client = await CreateClientAsAdmin()) + using (var client = await CreateClientAsAdministrator()) { { var res = await client.GetAsync("users/u!ser/avatar"); diff --git a/Timeline.Tests/IntegratedTests/UserDetailTest.cs b/Timeline.Tests/IntegratedTests/UserDetailTest.cs deleted file mode 100644 index 3781a816..00000000 --- a/Timeline.Tests/IntegratedTests/UserDetailTest.cs +++ /dev/null 
@@ -1,154 +0,0 @@ -using FluentAssertions; -using Microsoft.AspNetCore.Mvc.Testing; -using System.Net; -using System.Net.Http.Headers; -using System.Net.Mime; -using System.Threading.Tasks; -using Timeline.Models.Http; -using Timeline.Tests.Helpers; -using Xunit; - -namespace Timeline.Tests.IntegratedTests -{ - public class UserDetailTest : IntegratedTestBase - { - public UserDetailTest(WebApplicationFactory factory) - : base(factory) - { - - } - - [Fact] - public async Task PermissionTest() - { - { // unauthorize - using var client = await CreateClientWithNoAuth(); - { // GET - var res = await client.GetAsync($"users/{MockUser.User.Username}/nickname"); - res.Should().HaveStatusCode(HttpStatusCode.OK); - } - { // PUT - var res = await client.PutStringAsync($"users/{MockUser.User.Username}/nickname", "aaa"); - res.Should().HaveStatusCode(HttpStatusCode.Unauthorized); - } - { // DELETE - var res = await client.DeleteAsync($"users/{MockUser.User.Username}/nickname"); - res.Should().HaveStatusCode(HttpStatusCode.Unauthorized); - } - } - { // user - using var client = await CreateClientAsUser(); - { // GET - var res = await client.GetAsync($"users/{MockUser.User.Username}/nickname"); - res.Should().HaveStatusCode(HttpStatusCode.OK); - } - { // PUT self - var res = await client.PutStringAsync($"users/{MockUser.User.Username}/nickname", "aaa"); - res.Should().HaveStatusCode(HttpStatusCode.OK); - } - { // PUT other - var res = await client.PutStringAsync($"users/{MockUser.Admin.Username}/nickname", "aaa"); - res.Should().HaveStatusCode(HttpStatusCode.Forbidden); - } - { // DELETE self - var res = await client.DeleteAsync($"users/{MockUser.User.Username}/nickname"); - res.Should().HaveStatusCode(HttpStatusCode.OK); - } - { // DELETE other - var res = await client.DeleteAsync($"users/{MockUser.Admin.Username}/nickname"); - res.Should().HaveStatusCode(HttpStatusCode.Forbidden); - } - } - { // user - using var client = await CreateClientAsAdmin(); - { // PUT other - var res = 
await client.PutStringAsync($"users/{MockUser.User.Username}/nickname", "aaa"); - res.Should().HaveStatusCode(HttpStatusCode.OK); - } - { // DELETE other - var res = await client.DeleteAsync($"users/{MockUser.User.Username}/nickname"); - res.Should().HaveStatusCode(HttpStatusCode.OK); - } - } - } - - [Fact] - public async Task FunctionTest() - { - var url = $"users/{MockUser.User.Username}/nickname"; - var userNotExistUrl = "users/usernotexist/nickname"; - { - using var client = await CreateClientAsUser(); - { - var res = await client.GetAsync(userNotExistUrl); - res.Should().HaveStatusCode(HttpStatusCode.NotFound) - .And.HaveCommonBody() - .Which.Code.Should().Be(ErrorCodes.UserCommon.NotExist); - - } - { - var res = await client.GetAsync(url); - res.Should().HaveStatusCode(HttpStatusCode.OK); - res.Content.Headers.ContentType.Should().Be(new MediaTypeHeaderValue(MediaTypeNames.Text.Plain) { CharSet = "utf-8" }); - var body = await res.Content.ReadAsStringAsync(); - body.Should().Be(MockUser.User.Username); - } - { - var res = await client.PutStringAsync(url, ""); - res.Should().BeInvalidModel(); - } - { - var res = await client.PutStringAsync(url, new string('a', 11)); - res.Should().BeInvalidModel(); - } - var nickname1 = "nnn"; - var nickname2 = "nn2"; - { - var res = await client.PutStringAsync(url, nickname1); - res.Should().HaveStatusCode(HttpStatusCode.OK); - (await client.GetStringAsync(url)).Should().Be(nickname1); - } - { - var res = await client.PutStringAsync(url, nickname2); - res.Should().HaveStatusCode(HttpStatusCode.OK); - (await client.GetStringAsync(url)).Should().Be(nickname2); - } - { - var res = await client.DeleteAsync(url); - res.Should().HaveStatusCode(HttpStatusCode.OK); - (await client.GetStringAsync(url)).Should().Be(MockUser.User.Username); - } - { - var res = await client.DeleteAsync(url); - res.Should().HaveStatusCode(HttpStatusCode.OK); - } - } - { - using var client = await CreateClientAsAdmin(); - { - var res = await 
client.PutStringAsync(userNotExistUrl, "aaa"); - res.Should().HaveStatusCode(HttpStatusCode.BadRequest) - .And.HaveCommonBody() - .Which.Code.Should().Be(ErrorCodes.UserCommon.NotExist); - } - { - var res = await client.DeleteAsync(userNotExistUrl); - res.Should().HaveStatusCode(HttpStatusCode.BadRequest) - .And.HaveCommonBody() - .Which.Code.Should().Be(ErrorCodes.UserCommon.NotExist); - } - var nickname = "nnn"; - { - var res = await client.PutStringAsync(url, nickname); - res.Should().HaveStatusCode(HttpStatusCode.OK); - (await client.GetStringAsync(url)).Should().Be(nickname); - } - { - var res = await client.DeleteAsync(url); - res.Should().HaveStatusCode(HttpStatusCode.OK); - (await client.GetStringAsync(url)).Should().Be(MockUser.User.Username); - } - } - } - } -} diff --git a/Timeline.Tests/IntegratedTests/UserTest.cs b/Timeline.Tests/IntegratedTests/UserTest.cs index ea9f1177..4c2ccf7a 100644 --- a/Timeline.Tests/IntegratedTests/UserTest.cs +++ b/Timeline.Tests/IntegratedTests/UserTest.cs @@ -1,9 +1,9 @@ using FluentAssertions; using Microsoft.AspNetCore.Mvc.Testing; using System.Collections.Generic; +using System.Net; using System.Net.Http; using System.Threading.Tasks; -using Timeline.Models; using Timeline.Models.Http; using Timeline.Tests.Helpers; using Xunit; 
@@ -19,102 +19,144 @@ namespace Timeline.Tests.IntegratedTests } [Fact] - public async Task Get_List_Success() + public async Task GetList_NoAuth() { - using var client = await CreateClientAsAdmin(); - var res = await client.GetAsync("users"); + using var client = await CreateDefaultClient(); + var res = await client.GetAsync("/users"); res.Should().HaveStatusCode(200) - .And.HaveJsonBody() - .Which.Should().BeEquivalentTo(MockUser.UserInfoList); + .And.HaveJsonBody() + .Which.Should().BeEquivalentTo(UserInfoList); } [Fact] - public async Task Get_Single_Success() + public async Task GetList_User() { - using var client = await CreateClientAsAdmin(); - var res = await client.GetAsync("users/" + MockUser.User.Username); + using var client = await CreateClientAsUser(); + var res = await client.GetAsync("/users"); res.Should().HaveStatusCode(200) - .And.HaveJsonBody() - .Which.Should().BeEquivalentTo(MockUser.User.Info); + .And.HaveJsonBody() + .Which.Should().BeEquivalentTo(UserInfoList); } [Fact] - public async Task Get_InvalidModel() + public async Task GetList_Admin() { - using var client = await CreateClientAsAdmin(); - var res = await client.GetAsync("users/aaa!a"); - res.Should().BeInvalidModel(); + using var client = await CreateClientAsAdministrator(); + var res = await client.GetAsync("/users"); + res.Should().HaveStatusCode(200) + .And.HaveJsonBody() + .Which.Should().BeEquivalentTo(UserInfoForAdminList); } [Fact] - public async Task Get_Users_404() + public async Task Get_NoAuth() { - using var client = await CreateClientAsAdmin(); - var res = await client.GetAsync("users/usernotexist"); - res.Should().HaveStatusCode(404) - .And.HaveCommonBody() - .Which.Code.Should().Be(ErrorCodes.UserCommon.NotExist); + using var client = await CreateDefaultClient(); + var res = await client.GetAsync($"/users/admin"); + res.Should().HaveStatusCode(200) + .And.HaveJsonBody() + .Which.Should().BeEquivalentTo(UserInfoList[0]); } - public static IEnumerable 
Put_InvalidModel_Data() + [Fact] + public async Task Get_User() { - yield return new object[] { "aaa", null, false }; - yield return new object[] { "aaa", "p", null }; - yield return new object[] { "aa!a", "p", false }; + using var client = await CreateClientAsUser(); + var res = await client.GetAsync($"/users/admin"); + res.Should().HaveStatusCode(200) + .And.HaveJsonBody() + .Which.Should().BeEquivalentTo(UserInfoList[0]); } - [Theory] - [MemberData(nameof(Put_InvalidModel_Data))] - public async Task Put_InvalidModel(string username, string password, bool? administrator) + [Fact] + public async Task Get_Admin() { - using var client = await CreateClientAsAdmin(); - (await client.PutAsJsonAsync("users/" + username, - new UserPutRequest { Password = password, Administrator = administrator })) - .Should().BeInvalidModel(); + using var client = await CreateClientAsAdministrator(); + var res = await client.GetAsync($"/users/user1"); + res.Should().HaveStatusCode(200) + .And.HaveJsonBody() + .Which.Should().BeEquivalentTo(UserInfoForAdminList[1]); } - private async Task CheckAdministrator(HttpClient client, string username, bool administrator) + [Fact] + public async Task Get_InvalidModel() { - var res = await client.GetAsync("users/" + username); - res.Should().HaveStatusCode(200) - .And.HaveJsonBody() - .Which.Administrator.Should().Be(administrator); + using var client = await CreateClientAsUser(); + var res = await client.GetAsync("/users/aaa!a"); + res.Should().BeInvalidModel(); } [Fact] - public async Task Put_Modiefied() + public async Task Get_404() { - using var client = await CreateClientAsAdmin(); - var res = await client.PutAsJsonAsync("users/" + MockUser.User.Username, new UserPutRequest + using var client = await CreateClientAsUser(); + var res = await client.GetAsync("/users/usernotexist"); + res.Should().HaveStatusCode(404) + .And.HaveCommonBody(ErrorCodes.UserCommon.NotExist); + } + + [Fact] + public async Task Patch_User() + { + using var client = 
await CreateClientAsUser(); { - Password = "password", - Administrator = false - }); - res.Should().BePut(false); - await CheckAdministrator(client, MockUser.User.Username, false); + var res = await client.PatchAsJsonAsync("/users/user1", + new UserPatchRequest { Nickname = "aaa" }); + res.Should().HaveStatusCode(200); + } + + { + var res = await client.GetAsync("/users/user1"); + res.Should().HaveStatusCode(200) + .And.HaveJsonBody() + .Which.Nickname.Should().Be("aaa"); + } } [Fact] - public async Task Put_Created() + public async Task Patch_Admin() { - using var client = await CreateClientAsAdmin(); - const string username = "puttest"; - const string url = "users/" + username; + using var client = await CreateClientAsAdministrator(); + using var userClient = await CreateClientAsUser(); + + { + var res = await client.PatchAsJsonAsync("/users/user1", + new UserPatchRequest + { + Username = "newuser", + Password = "newpw", + Administrator = true, + Nickname = "aaa" + }); + res.Should().HaveStatusCode(200); + } - var res = await client.PutAsJsonAsync(url, new UserPutRequest { - Password = "password", - Administrator = false - }); - res.Should().BePut(true); - await CheckAdministrator(client, username, false); + var res = await client.GetAsync("/users/newuser"); + var body = res.Should().HaveStatusCode(200) + .And.HaveJsonBody() + .Which; + body.Administrator.Should().Be(true); + body.Nickname.Should().Be("aaa"); + } + + { + // Token should expire. + var res = await userClient.GetAsync("/users"); + res.Should().HaveStatusCode(HttpStatusCode.Unauthorized); + } + + { + // Check password. 
+ (await CreateClientWithCredential("newuser", "newpw")).Dispose(); + } } [Fact] public async Task Patch_NotExist() { - using var client = await CreateClientAsAdmin(); - var res = await client.PatchAsJsonAsync("users/usernotexist", new UserPatchRequest { }); + using var client = await CreateClientAsAdministrator(); + var res = await client.PatchAsJsonAsync("/users/usernotexist", new UserPatchRequest { }); res.Should().HaveStatusCode(404) .And.HaveCommonBody() .Which.Code.Should().Be(ErrorCodes.UserCommon.NotExist); 
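Review bot: Patch_Admin's "Check password" step only shows that `newuser`/`newpw` can authenticate; nothing asserts that the previous `user1` credentials are rejected after the rename and password change, so a server that kept the old login valid would still pass. A negative login check from an unauthenticated client would close that gap, for example `var old = await anon.PostAsJsonAsync("token/create", new CreateTokenRequest { Username = "user1", Password = "user1pw" });` followed by `old.StatusCode.Should().NotBe(HttpStatusCode.OK);`, assuming the token route used by the removed TestLogin helper is unchanged. The "Token should expire" block also probes `/users`, which GetList_NoAuth in this same hunk shows returning 200 without credentials, so its 401 depends on how the server treats a stale token on an anonymous route. A request that requires authentication, such as a PATCH on `/users/newuser` from `userClient`, would be a firmer revocation check.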
@@ -123,114 +165,239 @@ namespace Timeline.Tests.IntegratedTests [Fact] public async Task Patch_InvalidModel() { - using var client = await CreateClientAsAdmin(); - var res = await client.PatchAsJsonAsync("users/aaa!a", new UserPatchRequest { }); + using var client = await CreateClientAsAdministrator(); + var res = await client.PatchAsJsonAsync("/users/aaa!a", new UserPatchRequest { }); + res.Should().BeInvalidModel(); + } + + public static IEnumerable Patch_InvalidModel_Body_Data() + { + yield return new[] { new UserPatchRequest { Username = "aaa!a" } }; + yield return new[] { new UserPatchRequest { Password = "" } }; + yield return new[] { new UserPatchRequest { Nickname = new string('a', 50) } }; + } + + [Theory] + [MemberData(nameof(Patch_InvalidModel_Body_Data))] + public async Task Patch_InvalidModel_Body(UserPatchRequest body) + { + using var client = await CreateClientAsAdministrator(); + var res = await client.PatchAsJsonAsync("/users/user1", body); res.Should().BeInvalidModel(); } [Fact] - public async Task Patch_Success() + public async Task Patch_UsernameConflict() { - using var client = await CreateClientAsAdmin(); - { - var res = await client.PatchAsJsonAsync("users/" + MockUser.User.Username, - new UserPatchRequest { Administrator = false }); - res.Should().HaveStatusCode(200); - await CheckAdministrator(client, MockUser.User.Username, false); - } + using var client = await CreateClientAsAdministrator(); + var res = await client.PatchAsJsonAsync("/users/user1", new UserPatchRequest { Username = "admin" }); + res.Should().HaveStatusCode(400) + .And.HaveCommonBody(ErrorCodes.UserController.UsernameConflict); } [Fact] - public async Task Delete_InvalidModel() + public async Task Patch_NoAuth_Unauthorized() { - using var client = await CreateClientAsAdmin(); - var url = "users/aaa!a"; - var res = await client.DeleteAsync(url); - res.Should().BeInvalidModel(); + using var client = await CreateClientAsUser(); + var res = await 
client.PatchAsJsonAsync("/users/user1", new UserPatchRequest { Nickname = "aaa" }); + res.Should().HaveStatusCode(HttpStatusCode.Unauthorized); + } + + [Fact] + public async Task Patch_User_Forbid() + { + using var client = await CreateClientAsUser(); + var res = await client.PatchAsJsonAsync("/users/admin", new UserPatchRequest { Nickname = "aaa" }); + res.Should().HaveStatusCode(HttpStatusCode.Forbidden); + } + + [Fact] + public async Task Patch_Username_Forbid() + { + using var client = await CreateClientAsUser(); + var res = await client.PatchAsJsonAsync("/users/user1", new UserPatchRequest { Username = "aaa" }); + res.Should().HaveStatusCode(HttpStatusCode.Forbidden); + } + + [Fact] + public async Task Patch_Password_Forbid() + { + using var client = await CreateClientAsUser(); + var res = await client.PatchAsJsonAsync("/users/user1", new UserPatchRequest { Password = "aaa" }); + res.Should().HaveStatusCode(HttpStatusCode.Forbidden); + } + + [Fact] + public async Task Patch_Administrator_Forbid() + { + using var client = await CreateClientAsUser(); + var res = await client.PatchAsJsonAsync("/users/user1", new UserPatchRequest { Administrator = true }); + res.Should().HaveStatusCode(HttpStatusCode.Forbidden); } [Fact] public async Task Delete_Deleted() { - using var client = await CreateClientAsAdmin(); - var url = "users/" + MockUser.User.Username; - var res = await client.DeleteAsync(url); - res.Should().BeDelete(true); + using var client = await CreateClientAsAdministrator(); + { + var res = await client.DeleteAsync("/users/user1"); + res.Should().BeDelete(true); + } - var res2 = await client.GetAsync(url); - res2.Should().HaveStatusCode(404); + { + var res = await client.GetAsync("/users/user1"); + res.Should().HaveStatusCode(404); + } } [Fact] public async Task Delete_NotExist() { - using var client = await CreateClientAsAdmin(); - var res = await client.DeleteAsync("users/usernotexist"); + using var client = await CreateClientAsAdministrator(); + var res 
= await client.DeleteAsync("/users/usernotexist"); res.Should().BeDelete(false); } - private const string changeUsernameUrl = "userop/changeusername"; + [Fact] + public async Task Delete_InvalidModel() + { + using var client = await CreateClientAsAdministrator(); + var res = await client.DeleteAsync("/users/aaa!a"); + res.Should().BeInvalidModel(); + } - public static IEnumerable Op_ChangeUsername_InvalidModel_Data() + [Fact] + public async Task Delete_NoAuth_Unauthorized() { - yield return new[] { null, "uuu" }; - yield return new[] { "uuu", null }; - yield return new[] { "a!a", "uuu" }; - yield return new[] { "uuu", "a!a" }; + using var client = await CreateDefaultClient(); + var res = await client.DeleteAsync("/users/aaa!a"); + res.Should().HaveStatusCode(HttpStatusCode.Unauthorized); } - [Theory] - [MemberData(nameof(Op_ChangeUsername_InvalidModel_Data))] - public async Task Op_ChangeUsername_InvalidModel(string oldUsername, string newUsername) + [Fact] + public async Task Delete_User_Forbid() { - using var client = await CreateClientAsAdmin(); - (await client.PostAsJsonAsync(changeUsernameUrl, - new ChangeUsernameRequest { OldUsername = oldUsername, NewUsername = newUsername })) - .Should().BeInvalidModel(); + using var client = await CreateClientAsUser(); + var res = await client.DeleteAsync("/users/aaa!a"); + res.Should().HaveStatusCode(HttpStatusCode.Forbidden); } + private const string createUserUrl = "/userop/createuser"; + [Fact] - public async Task Op_ChangeUsername_UserNotExist() + public async Task Op_CreateUser() { - using var client = await CreateClientAsAdmin(); - var res = await client.PostAsJsonAsync(changeUsernameUrl, - new ChangeUsernameRequest { OldUsername = "usernotexist", NewUsername = "newUsername" }); - res.Should().HaveStatusCode(400) - .And.HaveCommonBody() - .Which.Code.Should().Be(ErrorCodes.UserCommon.NotExist); + using var client = await CreateClientAsAdministrator(); + { + var res = await client.PostAsJsonAsync(createUserUrl, new 
CreateUserRequest + { + Username = "aaa", + Password = "bbb", + Administrator = true, + Nickname = "ccc" + }); + res.Should().HaveStatusCode(200); + } + { + var res = await client.GetAsync("users/aaa"); + var body = res.Should().HaveStatusCode(200) + .And.HaveJsonBody().Which; + body.Username.Should().Be("aaa"); + body.Nickname.Should().Be("ccc"); + body.Administrator.Should().BeTrue(); + } + { + // Test password. + (await CreateClientWithCredential("aaa", "bbb")).Dispose(); + } + } + + public static IEnumerable Op_CreateUser_InvalidModel_Data() + { + yield return new[] { new CreateUserRequest { Username = "aaa", Password = "bbb" } }; + yield return new[] { new CreateUserRequest { Username = "aaa", Administrator = true } }; + yield return new[] { new CreateUserRequest { Password = "bbb", Administrator = true } }; + yield return new[] { new CreateUserRequest { Username = "a!a", Password = "bbb", Administrator = true } }; + yield return new[] { new CreateUserRequest { Username = "aaa", Password = "", Administrator = true } }; + yield return new[] { new CreateUserRequest { Username = "aaa", Password = "bbb", Administrator = true, Nickname = new string('a', 40) } }; + } + + [Theory] + [MemberData(nameof(Op_CreateUser_InvalidModel_Data))] + public async Task Op_CreateUser_InvalidModel(CreateUserRequest body) + { + using var client = await CreateClientAsAdministrator(); + { + var res = await client.PostAsJsonAsync(createUserUrl, body); + res.Should().BeInvalidModel(); + } } [Fact] - public async Task Op_ChangeUsername_UserAlreadyExist() + public async Task Op_CreateUser_UsernameConflict() { - using var client = await CreateClientAsAdmin(); - var res = await client.PostAsJsonAsync(changeUsernameUrl, - new ChangeUsernameRequest { OldUsername = MockUser.User.Username, NewUsername = MockUser.Admin.Username }); - res.Should().HaveStatusCode(400) - .And.HaveCommonBody() - .Which.Code.Should().Be(ErrorCodes.UserController.ChangeUsername_Conflict); + using var client = await 
CreateClientAsAdministrator(); + { + var res = await client.PostAsJsonAsync(createUserUrl, new CreateUserRequest + { + Username = "user1", + Password = "bbb", + Administrator = false + }); + res.Should().HaveStatusCode(400) + .And.HaveCommonBody(ErrorCodes.UserController.UsernameConflict); + } } - private async Task TestLogin(string username, string password) + [Fact] + public async Task Op_CreateUser_NoAuth_Unauthorized() { - using var client = await CreateClientWithNoAuth(); - var response = await client.PostAsJsonAsync("token/create", new CreateTokenRequest { Username = username, Password = password }); - response.Should().HaveStatusCode(200) - .And.HaveJsonBody(); + using var client = await CreateDefaultClient(); + { + var res = await client.PostAsJsonAsync(createUserUrl, new CreateUserRequest + { + Username = "aaa", + Password = "bbb", + Administrator = false + }); + res.Should().HaveStatusCode(HttpStatusCode.Unauthorized); + } } [Fact] - public async Task Op_ChangeUsername_Success() + public async Task Op_CreateUser_User_Forbid() { - using var client = await CreateClientAsAdmin(); - const string newUsername = "hahaha"; - var res = await client.PostAsJsonAsync(changeUsernameUrl, - new ChangeUsernameRequest { OldUsername = MockUser.User.Username, NewUsername = newUsername }); - res.Should().HaveStatusCode(200); - await TestLogin(newUsername, MockUser.User.Password); + using var client = await CreateClientAsUser(); + { + var res = await client.PostAsJsonAsync(createUserUrl, new CreateUserRequest + { + Username = "aaa", + Password = "bbb", + Administrator = false + }); + res.Should().HaveStatusCode(HttpStatusCode.Forbidden); + } } - private const string changePasswordUrl = "userop/changepassword"; + private const string changePasswordUrl = "/userop/changepassword"; + + [Fact] + public async Task Op_ChangePassword() + { + using var client = await CreateClientAsUser(); + { + var res = await client.PostAsJsonAsync(changePasswordUrl, + new ChangePasswordRequest { 
OldPassword = "user1pw", NewPassword = "newpw" }); + res.Should().HaveStatusCode(200); + } + { + var res = await client.PatchAsJsonAsync("/users/user1", new UserPatchRequest { }); + res.Should().HaveStatusCode(HttpStatusCode.Unauthorized); + } + { + (await CreateClientWithCredential("user1", "newpw")).Dispose(); + } + } public static IEnumerable Op_ChangePassword_InvalidModel_Data() { @@ -243,9 +410,9 @@ namespace Timeline.Tests.IntegratedTests public async Task Op_ChangePassword_InvalidModel(string oldPassword, string newPassword) { using var client = await CreateClientAsUser(); - (await client.PostAsJsonAsync(changePasswordUrl, - new ChangePasswordRequest { OldPassword = oldPassword, NewPassword = newPassword })) - .Should().BeInvalidModel(); + var res = await client.PostAsJsonAsync(changePasswordUrl, + new ChangePasswordRequest { OldPassword = oldPassword, NewPassword = newPassword }); + res.Should().BeInvalidModel(); } [Fact] 
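Review bot: Patch_NoAuth_Unauthorized builds its client with `CreateClientAsUser()` and sends the same nickname PATCH to `/users/user1` that Patch_User in the previous hunk expects to return 200, so it never exercises the unauthenticated path. It should start with `using var client = await CreateDefaultClient();`. Delete_NoAuth_Unauthorized and Delete_User_Forbid both target `/users/aaa!a`, the invalid name that Delete_InvalidModel uses, so they pass only if authorization runs before model validation and they never show that an existing account is protected. Calling `client.DeleteAsync("/users/user1")` in both would test the access-control decision on a real account. Op_CreateUser also reads back `"users/aaa"` without the leading slash used by the other requests in this file.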
@@ -254,19 +421,15 @@ namespace Timeline.Tests.IntegratedTests using var client = await CreateClientAsUser(); var res = await client.PostAsJsonAsync(changePasswordUrl, new ChangePasswordRequest { OldPassword = "???", NewPassword = "???" }); res.Should().HaveStatusCode(400) - .And.HaveCommonBody() - .Which.Code.Should().Be(ErrorCodes.UserController.ChangePassword_BadOldPassword); + .And.HaveCommonBody(ErrorCodes.UserController.ChangePassword_BadOldPassword); } [Fact] - public async Task Op_ChangePassword_Success() + public async Task Op_ChangePassword_NoAuth_Unauthorized() { - using var client = await CreateClientAsUser(); - const string newPassword = "new"; - var res = await client.PostAsJsonAsync(changePasswordUrl, - new ChangePasswordRequest { OldPassword = MockUser.User.Password, NewPassword = newPassword }); - res.Should().HaveStatusCode(200); - await TestLogin(MockUser.User.Username, newPassword); + using var client = await CreateDefaultClient(); + var res = await client.PostAsJsonAsync(changePasswordUrl, new ChangePasswordRequest { OldPassword = "???", NewPassword = "???" }); + res.Should().HaveStatusCode(HttpStatusCode.Unauthorized); } } } -- cgit v1.2.3