Nell/eShopOnWeb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix fraud posibility the client sent the unit price (#702)

Browse Source 
* fix fraud posibility the client sent the unit price, fix unit test to use the fomat as server base

* fix bad coding convention

* update dotnet tool ef and nuget package

* Align MD with real database by default
This commit is contained in:
Cédric Michel
2022-04-13 20:15:48 +02:00
committed by GitHub
parent 44534f5a8b
commit 31be1d4d74
14 changed files with 55 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
tests/FunctionalTests/Web/Pages/Basket/IndexTest.cs
View File

@@ -32,7 +32,6 @@ public class IndexTest : IClassFixture<TestApplication>
{
new KeyValuePair<string, string>("id", "2"),
new KeyValuePair<string, string>("name", "shirt"),
new KeyValuePair<string, string>("price", "19.49"),
new KeyValuePair<string, string>("__RequestVerificationToken", token)
};
var formContent = new FormUrlEncodedContent(keyValues);
@@ -45,7 +44,7 @@ public class IndexTest : IClassFixture<TestApplication>
var updateKeyValues = new List<KeyValuePair<string, string>>
{
new KeyValuePair<string, string>("Items[0].Id", WebPageHelpers.GetId(stringResponse)),
new KeyValuePair<string, string>("Items[0].Quantity", "50"),
new KeyValuePair<string, string>("Items[0].Quantity", "49"),
new KeyValuePair<string, string>(WebPageHelpers.TokenTag, WebPageHelpers.GetRequestVerificationToken(stringResponse))
};
var updateContent = new FormUrlEncodedContent(updateKeyValues);
@@ -54,7 +53,8 @@ public class IndexTest : IClassFixture<TestApplication>
var stringUpdateResponse = await updateResponse.Content.ReadAsStringAsync();
Assert.Contains("/basket/update", updateResponse.RequestMessage.RequestUri.ToString());
Assert.Contains("974.50", stringUpdateResponse);
decimal expectedTotalAmount = 416.50M;
Assert.Contains(expectedTotalAmount.ToString("N2"), stringUpdateResponse);
}
[Fact]
@@ -72,7 +72,6 @@ public class IndexTest : IClassFixture<TestApplication>
{
new KeyValuePair<string, string>("id", "2"),
new KeyValuePair<string, string>("name", "shirt"),
new KeyValuePair<string, string>("price", "19.49"),
new KeyValuePair<string, string>("__RequestVerificationToken", token)
};
var formContent = new FormUrlEncodedContent(keyValues);
@@ -95,6 +94,5 @@ public class IndexTest : IClassFixture<TestApplication>
Assert.Contains("/basket/update", updateResponse.RequestMessage.RequestUri.ToString());
Assert.Contains("Basket is empty", stringUpdateResponse);
}
}