admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2018-09-04 17:00:16 +00:00
parent f1ce2baa63
commit a15e02db54
10 changed files with 70 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
devdocs/specs/core-tags.txt
View File

@@ -16,7 +16,7 @@ FORMAT
Copied from stack overflow Copied from stack overflow
tags ... tags ...
must be no longer than 35 characters must be no longer than 255 characters (35 in Stack overflow, but why limit it?)
spaces are replaced by dashes, no spaces in a tag spaces are replaced by dashes, no spaces in a tag
always converts to lower invariant culture always converts to lower invariant culture
- (probably not this, utf-8 ok: must use the ascii character set a-z 0-9 + # - .) - (probably not this, utf-8 ok: must use the ascii character set a-z 0-9 + # - .)

1
devdocs/todo.txt
View File

@@ -22,7 +22,6 @@ Overall plan for now: anything standing in the way of making the initial client
- v7importusers (on hold?) - v7importusers (on hold?)
- Mostly done for now with the exception of client id and headoffice id which await the client and headoffice objects respectively and their importers - Mostly done for now with the exception of client id and headoffice id which await the client and headoffice objects respectively and their importers
- Is 35char long enough for tags? Why is there a limit? Can it be 50?
- Why are inactive users allowed to login? - Why are inactive users allowed to login?
- Seed data is seeding users inactive, sb active - Seed data is seeding users inactive, sb active

5
server/AyaNova/Controllers/AuthController.cs
View File

@@ -104,6 +104,11 @@ namespace AyaNova.Api.Controllers
} }
//If the user is inactive they may not login
if (!u.Active)
{
return StatusCode(401, new ApiErrorResponse(ApiErrorCode.NOT_AUTHORIZED, null, "User deactivated"));
}
//build the key (JWT set in startup.cs) //build the key (JWT set in startup.cs)
byte[] secretKey = System.Text.Encoding.ASCII.GetBytes(ServerBootConfig.AYANOVA_JWT_SECRET); byte[] secretKey = System.Text.Encoding.ASCII.GetBytes(ServerBootConfig.AYANOVA_JWT_SECRET);

1
server/AyaNova/biz/PrimeData.cs
View File

@@ -28,6 +28,7 @@ namespace AyaNova.Biz
//get a db and logger //get a db and logger
ILogger log = AyaNova.Util.ApplicationLogging.CreateLogger("PrimeData"); ILogger log = AyaNova.Util.ApplicationLogging.CreateLogger("PrimeData");
User u = new User(); User u = new User();
u.Active=true;
u.Name = "AyaNova Administrator"; u.Name = "AyaNova Administrator";
u.Salt = Hasher.GenerateSalt(); u.Salt = Hasher.GenerateSalt();
u.Login = "manager"; u.Login = "manager";

10
server/AyaNova/biz/TagBiz.cs
View File

@@ -70,8 +70,8 @@ namespace AyaNova.Biz
inObj = System.Text.RegularExpressions.Regex.Replace(inObj, "-+", "-"); inObj = System.Text.RegularExpressions.Regex.Replace(inObj, "-+", "-");
//Ensure doesn't start or end with a dash //Ensure doesn't start or end with a dash
inObj = inObj.Trim('-'); inObj = inObj.Trim('-');
//No longer than 35 characters //No longer than 255 characters
inObj = StringUtil.MaxLength(inObj, 35); inObj = StringUtil.MaxLength(inObj, 255);
return inObj; return inObj;
} }
@@ -212,9 +212,9 @@ namespace AyaNova.Biz
if (string.IsNullOrWhiteSpace(inObj)) if (string.IsNullOrWhiteSpace(inObj))
AddError(ValidationErrorType.RequiredPropertyEmpty, "Name"); AddError(ValidationErrorType.RequiredPropertyEmpty, "Name");
//Name must be less than 35 characters //Name must be less than 255 characters
if (inObj.Length > 35) if (inObj.Length > 255)
AddError(ValidationErrorType.LengthExceeded, "Name", "35 char max"); AddError(ValidationErrorType.LengthExceeded, "Name", "255 char max");
//Name must be unique //Name must be unique
if (ct.Tag.Where(m => m.Name == inObj).FirstOrDefault() != null) if (ct.Tag.Where(m => m.Name == inObj).FirstOrDefault() != null)

6
server/AyaNova/biz/TagMapBiz.cs
View File

@@ -147,9 +147,9 @@ namespace AyaNova.Biz
// if (string.IsNullOrWhiteSpace(inObj)) // if (string.IsNullOrWhiteSpace(inObj))
// AddError(ValidationErrorType.RequiredPropertyEmpty, "Name"); // AddError(ValidationErrorType.RequiredPropertyEmpty, "Name");
// //Name must be less than 35 characters // //Name must be less than 255 characters
// if (inObj.Length > 35) // if (inObj.Length > 255)
// AddError(ValidationErrorType.LengthExceeded, "Name", "35 char max"); // AddError(ValidationErrorType.LengthExceeded, "Name", "255 char max");
return; return;
} }

4
server/AyaNova/models/Tag.cs
View File

@@ -14,8 +14,8 @@ namespace AyaNova.Models
[Required] [Required]
public long OwnerId { get; set; } public long OwnerId { get; set; }
[Required] [Required, MaxLength(255)]
public string Name { get; set; }//max 35 characters ascii set public string Name { get; set; }//max 255 characters ascii set
} }
} }

2
server/AyaNova/util/AySchema.cs
View File

@@ -201,7 +201,7 @@ namespace AyaNova.Util
{ {
LogUpdateMessage(log); LogUpdateMessage(log);
exec("CREATE TABLE atag (id BIGSERIAL PRIMARY KEY, ownerid bigint not null, name varchar(35) not null)"); exec("CREATE TABLE atag (id BIGSERIAL PRIMARY KEY, ownerid bigint not null, name varchar(255) not null)");
exec("CREATE UNIQUE INDEX tagname_idx ON atag (name);"); exec("CREATE UNIQUE INDEX tagname_idx ON atag (name);");
exec("CREATE TABLE atagmap (id BIGSERIAL PRIMARY KEY, ownerid bigint not null," + exec("CREATE TABLE atagmap (id BIGSERIAL PRIMARY KEY, ownerid bigint not null," +
"tagid bigint not null REFERENCES atag (id), tagtoobjectid bigint not null, tagtoobjecttype integer not null)"); "tagid bigint not null REFERENCES atag (id), tagtoobjectid bigint not null, tagtoobjecttype integer not null)");

24
server/AyaNova/util/Seeder.cs
View File

@@ -16,7 +16,7 @@ namespace AyaNova.Util
public enum SeedLevel { SmallOneManShopTrialDataSet, MediumLocalServiceCompanyTrialDataSet, LargeCorporateMultiRegionalTrialDataSet }; public enum SeedLevel { SmallOneManShopTrialDataSet, MediumLocalServiceCompanyTrialDataSet, LargeCorporateMultiRegionalTrialDataSet };
////////////////////////////////////////////////////// //////////////////////////////////////////////////////
//Seed database for trial and testing purposes //Seed database for trial and testing purposes
// //
@@ -199,6 +199,9 @@ namespace AyaNova.Util
//PRIVACY TEST USER - this is used for a test to see if user info leaks into the logs //PRIVACY TEST USER - this is used for a test to see if user info leaks into the logs
GenSeedUser(1, AuthorizationRoles.OpsAdminLimited, UserType.NonSchedulable, "TEST_PRIVACY_USER_ACCOUNT", "TEST_PRIVACY_USER_ACCOUNT"); GenSeedUser(1, AuthorizationRoles.OpsAdminLimited, UserType.NonSchedulable, "TEST_PRIVACY_USER_ACCOUNT", "TEST_PRIVACY_USER_ACCOUNT");
//TEST NOT ACTIVE - this is used for a test to see if inactive user can login
GenSeedUser(1, AuthorizationRoles.OpsAdminLimited, UserType.NonSchedulable, false, "TEST_INACTIVE", "TEST_INACTIVE");
} }
@@ -206,17 +209,32 @@ namespace AyaNova.Util
/// <summary>
/// Generate seed user with active=true
/// (override to save typing)
/// </summary>
/// <param name="count"></param>
/// <param name="roles"></param>
/// <param name="userType"></param>
/// <param name="login"></param>
/// <param name="password"></param>
public static void GenSeedUser(int count, AuthorizationRoles roles, UserType userType, string login, string password)
{
GenSeedUser(count, roles, userType, true, login, password);
}
////////////////////////////////////////////////////// //////////////////////////////////////////////////////
//Seed user - default login / pw is first name //Seed user - default login / pw is first name
// //
public static void GenSeedUser(int count, AuthorizationRoles roles, UserType userType, string login = null, string password = null) public static void GenSeedUser(int count, AuthorizationRoles roles, UserType userType, bool active = true, string login = null, string password = null)
{ {
AyContext ct = ServiceProviderProvider.DBContext; AyContext ct = ServiceProviderProvider.DBContext;
for (int x = 0; x < count; x++) for (int x = 0; x < count; x++)
{ {
User u = new User(); User u = new User();
u.OwnerId=1; u.Active = active;
u.OwnerId = 1;
var p = new Bogus.Person(); var p = new Bogus.Person();
u.Name = p.FullName; u.Name = p.FullName;
u.Salt = Hasher.GenerateSalt(); u.Salt = Hasher.GenerateSalt();

31
test/raven-integration/User/UserInactive.cs Normal file
View File

@@ -0,0 +1,31 @@
using System;
using Xunit;
using Newtonsoft.Json.Linq;
using FluentAssertions;
namespace raven_integration
{
public class UserInactive
{
/// <summary>
/// Inactive user should not be able to login
/// </summary>
[Fact]
public async void InactiveUserCantLogin()
{
dynamic creds = new JObject();
creds.password = creds.login = "TEST_INACTIVE";
ApiResponse a = await Util.PostAsync("Auth", null, creds.ToString());
Util.ValidateErrorCodeResponse(a,2004, 401);
}
//==================================================
}//eoc
}//eons