public void OnAuthorizationHooksCacheValidationIfUserAuthorized()
        {
            // Arrange
            Mock <AuthorizeAttributeHelper> mockHelper = new Mock <AuthorizeAttributeHelper>()
            {
                CallBase = true
            };

            mockHelper.Setup(h => h.PublicAuthorizeCore(It.IsAny <HttpContextBase>())).Returns(true);
            AuthorizeAttributeHelper helper = mockHelper.Object;

            MethodInfo callbackMethod = typeof(AuthorizeAttribute).GetMethod("CacheValidateHandler", BindingFlags.Instance | BindingFlags.NonPublic);
            Mock <AuthorizationContext> mockFilterContext = new Mock <AuthorizationContext>();

            mockFilterContext.Setup(c => c.HttpContext.Response.Cache.SetProxyMaxAge(new TimeSpan(0))).Verifiable();
            mockFilterContext.Setup(c => c.HttpContext.Items).Returns(new Hashtable());
            mockFilterContext
            .Setup(c => c.HttpContext.Response.Cache.AddValidationCallback(It.IsAny <HttpCacheValidateHandler>(), null /* data */))
            .Callback(
                delegate(HttpCacheValidateHandler handler, object data)
            {
                Assert.Equal(helper, handler.Target);
                Assert.Equal(callbackMethod, handler.Method);
            })
            .Verifiable();
            mockFilterContext.Setup(c => c.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true)).Returns(false);
            AuthorizationContext filterContext = mockFilterContext.Object;

            // Act
            helper.OnAuthorization(filterContext);

            // Assert
            mockFilterContext.Verify();
        }
        public void OnCacheAuthorizationReturnsIgnoreRequestIfUserIsUnauthorized()
        {
            // Arrange
            Mock <AuthorizeAttributeHelper> mockHelper = new Mock <AuthorizeAttributeHelper>()
            {
                CallBase = true
            };

            mockHelper
            .Setup(h => h.PublicAuthorizeCore(It.IsAny <HttpContextBase>()))
            .Returns(false);
            AuthorizeAttributeHelper helper = mockHelper.Object;

            Mock <HttpContextBase> mockHttpContext = new Mock <HttpContextBase>();

            mockHttpContext.Setup(c => c.User).Returns(new Mock <IPrincipal>().Object);

            // Act
            HttpValidationStatus validationStatus = helper.PublicOnCacheAuthorization(
                mockHttpContext.Object
                );

            // Assert
            Assert.Equal(HttpValidationStatus.IgnoreThisRequest, validationStatus);
        }
        public void OnAuthorizationReturnsWithNoResultIfAllowAnonymousAttributeIsDefinedOnController()
        {
            // Arrange
            Mock <AuthorizeAttributeHelper> mockHelper = new Mock <AuthorizeAttributeHelper>()
            {
                CallBase = true
            };
            AuthorizeAttributeHelper helper = mockHelper.Object;

            Mock <AuthorizationContext> mockFilterContext = new Mock <AuthorizationContext>();

            mockFilterContext.Setup(c => c.HttpContext.Items).Returns(new Hashtable());
            mockFilterContext
            .Setup(
                c =>
                c.ActionDescriptor.ControllerDescriptor.IsDefined(
                    typeof(AllowAnonymousAttribute),
                    true
                    )
                )
            .Returns(true);

            // Act
            helper.OnAuthorization(mockFilterContext.Object);

            // Assert
            Assert.Null(mockFilterContext.Object.Result);
            mockHelper.Verify(
                h => h.PublicAuthorizeCore(It.IsAny <HttpContextBase>()),
                Times.Never()
                );
        }
        public void OnAuthorizationFailedSetsHttpUnauthorizedResultIfUserUnauthorized()
        {
            // Arrange
            Mock <AuthorizeAttributeHelper> mockHelper = new Mock <AuthorizeAttributeHelper>()
            {
                CallBase = true
            };

            mockHelper
            .Setup(h => h.PublicAuthorizeCore(It.IsAny <HttpContextBase>()))
            .Returns(false);
            AuthorizeAttributeHelper helper = mockHelper.Object;

            AuthorizationContext filterContext =
                new Mock <AuthorizationContext>()
            {
                DefaultValue = DefaultValue.Mock
            }.Object;

            // Act
            helper.OnAuthorization(filterContext);

            // Assert
            Assert.IsType <HttpUnauthorizedResult>(filterContext.Result);
        }
        public void Init()
        {
            this._httpContext       = Substitute.For <HttpContextBase>();
            this._controllerContext = Substitute.For <ControllerContext>();
            this._actionDescriptor  = Substitute.For <ActionDescriptor>();

            this._attribute = new AuthorizeAttributeHelper();
        }
        public void AuthorizeCoreThrowsIfHttpContextIsNull()
        {
            // Arrange
            AuthorizeAttributeHelper helper = new AuthorizeAttributeHelper();

            // Act & assert
            Assert.ThrowsArgumentNull(
                delegate { helper.PublicAuthorizeCore((HttpContextBase)null); }, "httpContext");
        }
        public void OnCacheAuthorizationThrowsIfHttpContextIsNull()
        {
            // Arrange
            AuthorizeAttributeHelper helper = new AuthorizeAttributeHelper();

            // Act & assert
            Assert.ThrowsArgumentNull(
                delegate { helper.PublicOnCacheAuthorization(null); }, "httpContext");
        }
        public void AuthorizeCoreReturnsFalseIfUserIsUnauthenticated() {
            // Arrange
            AuthorizeAttributeHelper helper = new AuthorizeAttributeHelper();

            Mock<HttpContextBase> mockHttpContext = new Mock<HttpContextBase>();
            mockHttpContext.Expect(c => c.User.Identity.IsAuthenticated).Returns(false);

            // Act
            bool retVal = helper.PublicAuthorizeCore(mockHttpContext.Object);

            // Assert
            Assert.IsFalse(retVal);
        }
        public void AuthorizeCoreReturnsTrueIfUserIsAuthenticatedAndNoNamesOrRolesSpecified() {
            // Arrange
            AuthorizeAttributeHelper helper = new AuthorizeAttributeHelper();

            Mock<HttpContextBase> mockHttpContext = new Mock<HttpContextBase>();
            mockHttpContext.Expect(c => c.User.Identity.IsAuthenticated).Returns(true);

            // Act
            bool retVal = helper.PublicAuthorizeCore(mockHttpContext.Object);

            // Assert
            Assert.IsTrue(retVal);
        }
Beispiel #10
0
        public void AuthorizeCoreReturnsFalseIfNameDoesNotMatch() {
            // Arrange
            AuthorizeAttributeHelper helper = new AuthorizeAttributeHelper() { Users = "SomeName" };

            Mock<HttpContextBase> mockHttpContext = new Mock<HttpContextBase>();
            mockHttpContext.Expect(c => c.User.Identity.IsAuthenticated).Returns(true);
            mockHttpContext.Expect(c => c.User.Identity.Name).Returns("SomeOtherName");

            // Act
            bool retVal = helper.PublicAuthorizeCore(mockHttpContext.Object);

            // Assert
            Assert.IsFalse(retVal);
        }
        public void AuthorizeCoreReturnsTrueIfUserIsAuthenticatedAndNoNamesOrRolesSpecified()
        {
            // Arrange
            AuthorizeAttributeHelper helper = new AuthorizeAttributeHelper();

            Mock <HttpContextBase> mockHttpContext = new Mock <HttpContextBase>();

            mockHttpContext.Setup(c => c.User.Identity.IsAuthenticated).Returns(true);

            // Act
            bool retVal = helper.PublicAuthorizeCore(mockHttpContext.Object);

            // Assert
            Assert.True(retVal);
        }
        public void AuthorizeCoreReturnsFalseIfUserIsUnauthenticated()
        {
            // Arrange
            AuthorizeAttributeHelper helper = new AuthorizeAttributeHelper();

            Mock <HttpContextBase> mockHttpContext = new Mock <HttpContextBase>();

            mockHttpContext.Setup(c => c.User.Identity.IsAuthenticated).Returns(false);

            // Act
            bool retVal = helper.PublicAuthorizeCore(mockHttpContext.Object);

            // Assert
            Assert.False(retVal);
        }
Beispiel #13
0
        public void AuthorizeCoreReturnsFalseIfRoleDoesNotMatch() {
            // Arrange
            AuthorizeAttributeHelper helper = new AuthorizeAttributeHelper() { Roles = "SomeRole" };

            Mock<HttpContextBase> mockHttpContext = new Mock<HttpContextBase>();
            mockHttpContext.Expect(c => c.User.Identity.IsAuthenticated).Returns(true);
            mockHttpContext.Expect(c => c.User.IsInRole("SomeRole")).Returns(false).Verifiable();

            // Act
            bool retVal = helper.PublicAuthorizeCore(mockHttpContext.Object);

            // Assert
            Assert.IsFalse(retVal);
            mockHttpContext.Verify();
        }
        public void AuthorizeCoreReturnsTrueIfUserIsAuthenticatedAndNamesOrRolesSpecified() {
            // Arrange
            AuthorizeAttributeHelper helper = new AuthorizeAttributeHelper() { Users = "SomeUser, SomeOtherUser", Roles = "SomeRole, SomeOtherRole" };

            Mock<HttpContextBase> mockHttpContext = new Mock<HttpContextBase>();
            mockHttpContext.Expect(c => c.User.Identity.IsAuthenticated).Returns(true);
            mockHttpContext.Expect(c => c.User.Identity.Name).Returns("SomeUser");
            mockHttpContext.Expect(c => c.User.IsInRole("SomeRole")).Returns(false).Verifiable();
            mockHttpContext.Expect(c => c.User.IsInRole("SomeOtherRole")).Returns(true).Verifiable();

            // Act
            bool retVal = helper.PublicAuthorizeCore(mockHttpContext.Object);

            // Assert
            Assert.IsTrue(retVal);
            mockHttpContext.Verify();
        }
        public void AuthorizeCoreReturnsFalseIfNameDoesNotMatch()
        {
            // Arrange
            AuthorizeAttributeHelper helper = new AuthorizeAttributeHelper()
            {
                Users = "SomeName"
            };

            Mock <HttpContextBase> mockHttpContext = new Mock <HttpContextBase>();

            mockHttpContext.Setup(c => c.User.Identity.IsAuthenticated).Returns(true);
            mockHttpContext.Setup(c => c.User.Identity.Name).Returns("SomeOtherName");

            // Act
            bool retVal = helper.PublicAuthorizeCore(mockHttpContext.Object);

            // Assert
            Assert.False(retVal);
        }
        public void AuthorizeCoreReturnsFalseIfRoleDoesNotMatch()
        {
            // Arrange
            AuthorizeAttributeHelper helper = new AuthorizeAttributeHelper()
            {
                Roles = "SomeRole"
            };

            Mock <HttpContextBase> mockHttpContext = new Mock <HttpContextBase>();

            mockHttpContext.Setup(c => c.User.Identity.IsAuthenticated).Returns(true);
            mockHttpContext.Setup(c => c.User.IsInRole("SomeRole")).Returns(false).Verifiable();

            // Act
            bool retVal = helper.PublicAuthorizeCore(mockHttpContext.Object);

            // Assert
            Assert.False(retVal);
            mockHttpContext.Verify();
        }
Beispiel #17
0
        public void OnCacheAuthorizationReturnsValidIfUserIsAuthorized()
        {
            // Arrange
            Mock <AuthorizeAttributeHelper> mockHelper = new Mock <AuthorizeAttributeHelper>()
            {
                CallBase = true
            };

            mockHelper.Expect(h => h.PublicAuthorizeCore(It.IsAny <HttpContextBase>())).Returns(true);
            AuthorizeAttributeHelper helper = mockHelper.Object;

            Mock <HttpContextBase> mockHttpContext = new Mock <HttpContextBase>();

            mockHttpContext.Expect(c => c.User).Returns(new Mock <IPrincipal>().Object);

            // Act
            HttpValidationStatus validationStatus = helper.PublicOnCacheAuthorization(mockHttpContext.Object);

            // Assert
            Assert.AreEqual(HttpValidationStatus.Valid, validationStatus);
        }
Beispiel #18
0
        public void OnAuthorizationCancelsRequestIfUserUnauthorized()
        {
            // Arrange
            Mock <AuthorizeAttributeHelper> mockHelper = new Mock <AuthorizeAttributeHelper>()
            {
                CallBase = true
            };

            mockHelper.Expect(h => h.PublicAuthorizeCore(It.IsAny <HttpContextBase>())).Returns(false);
            AuthorizeAttributeHelper helper = mockHelper.Object;

            AuthorizationContext filterContext = new Mock <AuthorizationContext>()
            {
                DefaultValue = DefaultValue.Mock
            }.Object;

            // Act
            helper.OnAuthorization(filterContext);

            // Assert
            Assert.IsInstanceOfType(filterContext.Result, typeof(HttpUnauthorizedResult));
        }
        public void AuthorizeCoreReturnsTrueIfUserIsAuthenticatedAndNamesOrRolesSpecified()
        {
            // Arrange
            AuthorizeAttributeHelper helper = new AuthorizeAttributeHelper()
            {
                Users = "SomeUser, SomeOtherUser", Roles = "SomeRole, SomeOtherRole"
            };

            Mock <HttpContextBase> mockHttpContext = new Mock <HttpContextBase>();

            mockHttpContext.Setup(c => c.User.Identity.IsAuthenticated).Returns(true);
            mockHttpContext.Setup(c => c.User.Identity.Name).Returns("SomeUser");
            mockHttpContext.Setup(c => c.User.IsInRole("SomeRole")).Returns(false).Verifiable();
            mockHttpContext.Setup(c => c.User.IsInRole("SomeOtherRole")).Returns(true).Verifiable();

            // Act
            bool retVal = helper.PublicAuthorizeCore(mockHttpContext.Object);

            // Assert
            Assert.True(retVal);
            mockHttpContext.Verify();
        }
Beispiel #20
0
        public void AuthorizeCoreThrowsIfHttpContextIsNull() {
            // Arrange
            AuthorizeAttributeHelper helper = new AuthorizeAttributeHelper();

            // Act & assert
            ExceptionHelper.ExpectArgumentNullException(
                delegate {
                    helper.PublicAuthorizeCore((HttpContextBase)null);
                }, "httpContext");
        }
Beispiel #21
0
        public void OnCacheAuthorizationThrowsIfHttpContextIsNull() {
            // Arrange
            AuthorizeAttributeHelper helper = new AuthorizeAttributeHelper();

            // Act & assert
            ExceptionHelper.ExpectArgumentNullException(
                delegate {
                    helper.PublicOnCacheAuthorization(null);
                }, "httpContext");
        }