From d67f4d7ec185ed72b5560e80467539b59edeac71 Mon Sep 17 00:00:00 2001 From: emmagarland Date: Sun, 28 Feb 2021 19:09:02 +0000 Subject: [PATCH] Added failed password test result --- .../Controllers/MemberControllerUnitTests.cs | 72 +++++++++++++++++-- .../Controllers/MemberController.cs | 20 +++--- 2 files changed, 76 insertions(+), 16 deletions(-) diff --git a/src/Umbraco.Tests.UnitTests/Umbraco.Web.BackOffice/Controllers/MemberControllerUnitTests.cs b/src/Umbraco.Tests.UnitTests/Umbraco.Web.BackOffice/Controllers/MemberControllerUnitTests.cs index 6dfad9cc9c..5bb4613912 100644 --- a/src/Umbraco.Tests.UnitTests/Umbraco.Web.BackOffice/Controllers/MemberControllerUnitTests.cs +++ b/src/Umbraco.Tests.UnitTests/Umbraco.Web.BackOffice/Controllers/MemberControllerUnitTests.cs @@ -21,7 +21,6 @@ using Umbraco.Cms.Core.Events; using Umbraco.Cms.Core.Mapping; using Umbraco.Cms.Core.Models; using Umbraco.Cms.Core.Models.ContentEditing; -using Umbraco.Cms.Core.Models.Identity; using Umbraco.Cms.Core.Models.Mapping; using Umbraco.Cms.Core.Models.Membership; using Umbraco.Cms.Core.PropertyEditors; @@ -35,7 +34,6 @@ using Umbraco.Cms.Tests.UnitTests.AutoFixture; using Umbraco.Cms.Tests.UnitTests.Umbraco.Core.ShortStringHelper; using Umbraco.Cms.Web.BackOffice.Controllers; using Umbraco.Cms.Web.BackOffice.Mapping; -using Umbraco.Cms.Web.BackOffice.Security; using Umbraco.Cms.Web.Common.ActionsResults; using Umbraco.Cms.Web.Common.Security; using IHostingEnvironment = Umbraco.Cms.Core.Hosting.IHostingEnvironment; @@ -234,6 +232,56 @@ namespace Umbraco.Cms.Tests.UnitTests.Umbraco.Web.BackOffice.Controllers AssertMemberDisplayPropertiesAreEqual(memberDisplay, result.Value); } + [Test] + [AutoMoqData] + public async Task PostSaveMember_SaveExisting_WhenAllIsSetupWithPasswordIncorrectly_ExpectFailureResponse( + [Frozen] IMemberManager umbracoMembersUserManager, + IMemberService memberService, + IMemberTypeService memberTypeService, + IMemberGroupService memberGroupService, + IDataTypeService dataTypeService, + IBackOfficeSecurityAccessor backOfficeSecurityAccessor, + IBackOfficeSecurity backOfficeSecurity, + IPasswordChanger passwordChanger, + IOptions globalSettings, + IUser user) + { + // arrange + Member member = SetupMemberTestData(out MemberSave fakeMemberData, out MemberDisplay memberDisplay, ContentSaveAction.Save); + var membersIdentityUser = new MembersIdentityUser(123); + Mock.Get(umbracoMembersUserManager) + .Setup(x => x.FindByIdAsync(It.IsAny())) + .ReturnsAsync(() => membersIdentityUser); + Mock.Get(umbracoMembersUserManager) + .Setup(x => x.ValidatePasswordAsync(It.IsAny())) + .ReturnsAsync(() => IdentityResult.Success); + + Mock.Get(umbracoMembersUserManager) + .Setup(x => x.UpdateAsync(It.IsAny())) + .ReturnsAsync(() => IdentityResult.Success); + Mock.Get(memberTypeService).Setup(x => x.GetDefault()).Returns("fakeAlias"); + Mock.Get(globalSettings); + + SetupUserAccess(backOfficeSecurityAccessor, backOfficeSecurity, user); + SetupPasswordSuccess(umbracoMembersUserManager, passwordChanger, false); + + Mock.Get(memberService).Setup(x => x.GetByUsername(It.IsAny())).Returns(() => member); + Mock.Get(memberService).SetupSequence( + x => x.GetByEmail(It.IsAny())) + .Returns(() => null) + .Returns(() => member); + + + MemberController sut = CreateSut(memberService, memberTypeService, memberGroupService, umbracoMembersUserManager, dataTypeService, backOfficeSecurityAccessor, passwordChanger, globalSettings, user); + + // act + ActionResult result = await sut.PostSave(fakeMemberData); + + // assert + Assert.IsNotNull(result.Result); + Assert.IsNull(result.Value); + } + private static void SetupUserAccess(IBackOfficeSecurityAccessor backOfficeSecurityAccessor, IBackOfficeSecurity backOfficeSecurity, IUser user) { Mock.Get(backOfficeSecurityAccessor).Setup(x => x.BackOfficeSecurity).Returns(backOfficeSecurity); @@ -241,17 +289,27 @@ namespace Umbraco.Cms.Tests.UnitTests.Umbraco.Web.BackOffice.Controllers Mock.Get(backOfficeSecurity).Setup(x => x.CurrentUser).Returns(user); } - private static void SetupPasswordSuccess(IMemberManager umbracoMembersUserManager, IPasswordChanger passwordChanger) + private static void SetupPasswordSuccess(IMemberManager umbracoMembersUserManager, IPasswordChanger passwordChanger, bool successful = true) { var passwordChanged = new PasswordChangedModel() { ChangeError = null, ResetPassword = null }; - var attempt = Attempt.Succeed(passwordChanged); - Mock.Get(passwordChanger) - .Setup(x => x.ChangePasswordWithIdentityAsync(It.IsAny(), umbracoMembersUserManager)) - .ReturnsAsync(() => attempt); + if (!successful) + { + var attempt = Attempt.Fail(passwordChanged); + Mock.Get(passwordChanger) + .Setup(x => x.ChangePasswordWithIdentityAsync(It.IsAny(), umbracoMembersUserManager)) + .ReturnsAsync(() => attempt); + } + else + { + var attempt = Attempt.Succeed(passwordChanged); + Mock.Get(passwordChanger) + .Setup(x => x.ChangePasswordWithIdentityAsync(It.IsAny(), umbracoMembersUserManager)) + .ReturnsAsync(() => attempt); + } } [Test] diff --git a/src/Umbraco.Web.BackOffice/Controllers/MemberController.cs b/src/Umbraco.Web.BackOffice/Controllers/MemberController.cs index 95e2ac021b..3c5adb8ebe 100644 --- a/src/Umbraco.Web.BackOffice/Controllers/MemberController.cs +++ b/src/Umbraco.Web.BackOffice/Controllers/MemberController.cs @@ -495,18 +495,20 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers return new ValidationErrorResult(new SimpleValidationModel(ModelState.ToErrorDictionary())); } - if (passwordChangeResult.Success) + if (!passwordChangeResult.Success) { - // get the identity member now the password and dates have changed - identityMember = await _memberManager.FindByIdAsync(contentItem.Id.ToString()); + return new ValidationErrorResult("The password could not be changed"); + } - //TODO: confirm this is correct - contentItem.PersistedContent.RawPasswordValue = identityMember.PasswordHash; + // get the identity member now the password and dates have changed + identityMember = await _memberManager.FindByIdAsync(contentItem.Id.ToString()); - if (identityMember.LastPasswordChangeDateUtc != null) - { - contentItem.PersistedContent.LastPasswordChangeDate = (DateTime)identityMember.LastPasswordChangeDateUtc; - } + //TODO: confirm this is correct + contentItem.PersistedContent.RawPasswordValue = identityMember.PasswordHash; + + if (identityMember.LastPasswordChangeDateUtc != null) + { + contentItem.PersistedContent.LastPasswordChangeDate = (DateTime)identityMember.LastPasswordChangeDateUtc; } }