/// <summary>
        /// Sets custom authenticated <see cref="Microsoft.AspNetCore.Http.HttpContext.User"/> to the built request using the provided user builder.
        /// </summary>
        /// <param name="httpRequestBuilder">Instance of <see cref="IHttpRequestBuilder"/> type.</param>
        /// <param name="userBuilder">Action setting the <see cref="Microsoft.AspNetCore.Http.HttpContext.User"/> by using <see cref="IClaimsPrincipalBuilder"/>.</param>
        /// <returns>The same <see cref="IAndHttpRequestBuilder"/>.</returns>
        public static IAndHttpRequestBuilder WithAuthenticatedUser(
            this IHttpRequestBuilder httpRequestBuilder,
            Action<IClaimsPrincipalBuilder> userBuilder)
        {
            var actualHttpRequestBuilder = (HttpRequestBuilder)httpRequestBuilder;

            var newUserBuilder = new ClaimsPrincipalBuilder();
            userBuilder(newUserBuilder);
            actualHttpRequestBuilder.HttpContext.User = newUserBuilder.GetClaimsPrincipal();

            return actualHttpRequestBuilder;
        }
Beispiel #2
0
        public async Task should_return_unauthorised_if_not_judge_conference()
        {
            var participant = TestConference.Participants.First(x => !x.IsJudge());
            var user        = new ClaimsPrincipalBuilder()
                              .WithUsername(participant.Username)
                              .WithRole(AppRoles.CitizenRole).Build();

            Controller = SetupControllerWithClaims(user);

            var result = await Controller.CallWitnessAsync(TestConference.Id, participant.Id);

            result.Should().BeOfType <UnauthorizedObjectResult>();
            var typedResult = (UnauthorizedObjectResult)result;

            typedResult.Should().NotBeNull();
            typedResult.Value.Should().Be("User must be a Judge");

            VideoApiClientMock.Verify(
                x => x.TransferParticipantAsync(TestConference.Id,
                                                It.Is <TransferParticipantRequest>(r => r.ParticipantId == participant.Id)), Times.Never);
        }
Beispiel #3
0
        public async Task should_return_unauthorised_if_participant_does_not_exists()
        {
            var judge = TestConference.GetJudge();
            var user  = new ClaimsPrincipalBuilder()
                        .WithUsername(judge.Username)
                        .WithRole(AppRoles.JudgeRole).Build();

            Controller = SetupControllerWithClaims(user);

            var result = await Controller.CallWitnessAsync(TestConference.Id, Guid.NewGuid());

            result.Should().BeOfType <UnauthorizedObjectResult>();
            var typedResult = (UnauthorizedObjectResult)result;

            typedResult.Should().NotBeNull();
            typedResult.Value.Should().Be("Participant is not a witness");

            VideoApiClientMock.Verify(
                x => x.TransferParticipantAsync(TestConference.Id,
                                                It.IsAny <TransferParticipantRequest>()), Times.Never);
        }
        public async Task should_return_unauthorised_if_participant_is_not_a_witness()
        {
            var judge       = TestConference.GetJudge();
            var participant = TestConference.Participants.First(x => x.Role == Role.Individual);
            var user        = new ClaimsPrincipalBuilder()
                              .WithUsername(judge.Username)
                              .WithRole(AppRoles.JudgeRole).Build();

            Controller = SetupControllerWithClaims(user);

            var result = await Controller.DismissWitnessAsync(TestConference.Id, participant.Id);

            var typedResult = (UnauthorizedObjectResult)result;

            typedResult.Should().NotBeNull();
            typedResult.Value.Should().Be("Participant is not a witness");

            VideoApiClientMock.Verify(
                x => x.TransferParticipantAsync(TestConference.Id,
                                                It.Is <TransferParticipantRequest>(r => r.ParticipantId == participant.Id)), Times.Never);
        }
        public async Task Should_send_message_to_conference_group_if_user_is_vho()
        {
            SetupSendMessageTests();
            // setup claims to return admin username
            var claims = new ClaimsPrincipalBuilder().WithUsername(AdminUsername).WithRole(AppRoles.VhOfficerRole)
                         .Build();

            UpdateUserIdentity(claims);

            var          fromUsername = AdminUsername;
            var          toJudgeId    = JudgeParticipantId;
            var          toUsername   = JudgeUsername;
            const string message      = "test message";
            var          messageUuid  = Guid.NewGuid();

            await Hub.SendMessage(Conference.Id, message, toJudgeId.ToString(), messageUuid);

            AssertMessageSentToHub(fromUsername, toJudgeId.ToString(), message, messageUuid, JudgeGroupChannel);
            AssertMessageSentStatusToApi(fromUsername, toUsername, message, Times.Once());

            AdminGroupChannel.Verify(x => x.AdminAnsweredChat(Conference.Id, toJudgeId.ToString()), Times.Once);
        }
        should_send_message_to_admin_group_and_participant_group_when_individual_sends_message_to_admin()
        {
            SetupSendMessageTests();
            // setup claims to return individual username
            var claims = new ClaimsPrincipalBuilder().WithUsername(IndividualUsername).WithRole(AppRoles.CitizenRole)
                         .Build();

            UpdateUserIdentity(claims);

            var          fromIndividualId = IndividualParticipantId.ToString();
            var          fromUsername     = IndividualUsername;
            var          toUsername       = AdminUserProfile.UserName;
            const string message          = "test message";
            var          messageUuid      = Guid.NewGuid();

            await Hub.SendMessage(Conference.Id, message, toUsername, messageUuid);

            AssertMessageSentToHub(fromIndividualId, toUsername, message, messageUuid, IndividualGroupChannel);
            AssertMessageSentStatusToApi(fromUsername, toUsername, message, Times.Once());

            AdminGroupChannel.Verify(x => x.AdminAnsweredChat(Conference.Id, toUsername), Times.Never);
        }
        public void Setup()
        {
            _videoApiClientMock  = new Mock <IVideoApiClient>();
            _mockLogger          = new Mock <ILogger <ConferencesController> >(MockBehavior.Loose);
            _mockConferenceCache = new Mock <IConferenceCache>();
            var claimsPrincipal = new ClaimsPrincipalBuilder().Build();
            var context         = new ControllerContext
            {
                HttpContext = new DefaultHttpContext
                {
                    User = claimsPrincipal
                }
            };

            _controller = new ConferencesController(_videoApiClientMock.Object,
                                                    _mockLogger.Object, _mockConferenceCache.Object)
            {
                ControllerContext = context
            };

            _mockConferenceCache.Setup(x => x.AddConferenceAsync(It.IsAny <ConferenceDetailsResponse>()));
        }
        public void Authenticated_SessionReturnUrlNotAllowed()
        {
            const string returnUrl        = "http://notallowedurl.com/";
            var          userDataProvider = new Mock <IUserDataProvider>();

            userDataProvider.Setup(p => p.Pop(UserDataItemNames.ReturnUrl)).Returns(returnUrl);

            var configurationService = new Mock <IConfigurationService>();

            configurationService.Setup(c => c.Get <ManageWebConfiguration>())
            .Returns(new ManageWebConfiguration {
                AuthorisationGroupClaim = ValidAuthorisationGroupClaim
            });

            var mediator = new AgencyUserMediatorBuilder().With(userDataProvider).With(configurationService).Build();

            var principal = new ClaimsPrincipalBuilder().WithName("User001").WithGroup(ValidAuthorisationGroupClaim).Build();

            var response = mediator.Authorize(principal);

            response.AssertCodeAndMessage(AgencyUserMediatorCodes.Authorize.Ok);
        }
        public void should_map_claim_to_profile(string role, Role expectedRole)
        {
            const string firstName   = "John";
            const string lastname    = "Doe";
            const string displayName = "John Doe";
            var          username    = ClaimsPrincipalBuilder.Username;
            var          user        = new ClaimsPrincipalBuilder()
                                       .WithClaim(ClaimTypes.GivenName, firstName)
                                       .WithClaim(ClaimTypes.Surname, lastname)
                                       .WithClaim("name", displayName)
                                       .WithUsername(username)
                                       .WithRole(role).Build();


            var response = _sut.Map(user);

            response.Role.Should().Be(expectedRole);
            response.FirstName.Should().Be(firstName);
            response.LastName.Should().Be(lastname);
            response.DisplayName.Should().Be(displayName);
            response.Username.Should().Be(username);
        }
Beispiel #10
0
        public void Authorize_EmailAddressNotVerified()
        {
            // Arrange.
            var providerViewModel = new ProviderViewModelBuilder().With(new List <ProviderSiteViewModel>
            {
                new ProviderSiteViewModel()
            }).Build();

            MockProviderProvider.Setup(p => p.GetProviderViewModel(It.IsAny <string>(), true)).Returns(providerViewModel);
            MockProviderUserProvider.Setup(p => p.GetUserProfileViewModel(It.IsAny <string>()))
            .Returns(new ProviderUserViewModel());

            var mediator  = GetMediator();
            var principal =
                new ClaimsPrincipalBuilder().WithName("User001").WithUkprn("00001").WithRole(Roles.Faa).Build();

            // Act.
            var response = mediator.Authorize(principal);

            // Assert.
            response.AssertMessage(ProviderUserMediatorCodes.Authorize.EmailAddressNotVerified,
                                   AuthorizeMessages.EmailAddressNotVerified, UserMessageLevel.Info);
        }
Beispiel #11
0
        public void Setup()
        {
            _mocker = AutoMock.GetLoose();
            var claimsPrincipal = new ClaimsPrincipalBuilder()
                                  .WithRole(AppRoles.JudgeRole)
                                  .WithClaim(ClaimTypes.GivenName, "John")
                                  .WithClaim(ClaimTypes.Surname, "Doe")
                                  .WithClaim("name", "John D")
                                  .Build();
            var context = new ControllerContext
            {
                HttpContext = new DefaultHttpContext
                {
                    User = claimsPrincipal
                }
            };

            _mocker.Mock <IMapperFactory>().Setup(x => x.Get <UserProfile, UserProfileResponse>()).Returns(_mocker.Create <UserProfileToUserProfileResponseMapper>());
            var parameters = new ParameterBuilder(_mocker).AddObject(new DictionaryUserCache()).Build();

            _sut = _mocker.Create <ProfilesController>(parameters);
            _sut.ControllerContext = context;
        }
Beispiel #12
0
        public void Authorize_Ok_ShouldSetProviderId()
        {
            // Arrange.
            var providerViewModel = new ProviderViewModelBuilder()
                                    .With(42)
                                    .With(new List <ProviderSiteViewModel>
            {
                new ProviderSiteViewModel()
            }).Build();

            MockProviderProvider
            .Setup(mock => mock.GetProviderViewModel(It.IsAny <string>(), true))
            .Returns(providerViewModel);

            MockProviderUserProvider
            .Setup(mock => mock.GetUserProfileViewModel(It.IsAny <string>()))
            .Returns(new ProviderUserViewModel
            {
                EmailAddressVerified = true
            });

            var mediator = GetMediator();

            var principal = new ClaimsPrincipalBuilder()
                            .WithName("User001")
                            .WithUkprn("00001")
                            .WithRole(Roles.Faa)
                            .Build();

            // Act.
            var response = mediator.Authorize(principal);

            // Assert.
            response.AssertCodeAndMessage(ProviderUserMediatorCodes.Authorize.Ok);
            response.ViewModel.ProviderId.Should().Be(providerViewModel.ProviderId);
        }
Beispiel #13
0
        public void Setup()
        {
            _userApiClientMock = new Mock <IUserApiClient>();
            _mockLogger        = new Mock <ILogger <ProfilesController> >();
            var claimsPrincipal = new ClaimsPrincipalBuilder()
                                  .WithRole(AppRoles.JudgeRole)
                                  .WithClaim(ClaimTypes.GivenName, "John")
                                  .WithClaim(ClaimTypes.Surname, "Doe")
                                  .WithClaim("name", "John D")
                                  .Build();
            var context = new ControllerContext
            {
                HttpContext = new DefaultHttpContext
                {
                    User = claimsPrincipal
                }
            };

            _controller =
                new ProfilesController(_userApiClientMock.Object, _mockLogger.Object, new DictionaryUserCache())
            {
                ControllerContext = context
            };
        }
Beispiel #14
0
        public void GivenAUserWithTheGroupClaim_IsInGroupShouldReturnTrue()
        {
            var user = new ClaimsPrincipalBuilder().WithGroup(Group).Build();

            user.IsInGroup(Group).Should().BeTrue();
        }
Beispiel #15
0
        public void GivenAUserWithAnotherGroupClaim_IsInGroupShouldReturnFalse()
        {
            var user = new ClaimsPrincipalBuilder().WithGroup("anotherGroup").Build();

            user.IsInGroup(Group).Should().BeFalse();
        }