public async Task Can_Assign_Role()
{
//Arrange
var registration = await DataProcessingRegistrationHelper.CreateAsync(TestEnvironment.DefaultOrganizationId, A <string>());
var businessRoleDtos = await DataProcessingRegistrationHelper.GetAvailableRolesAsync(registration.Id);
var role = businessRoleDtos.First();
var availableUsers = await DataProcessingRegistrationHelper.GetAvailableUsersAsync(registration.Id, role.Id);
var user = availableUsers.First();
//Act
using var response = await DataProcessingRegistrationHelper.SendAssignRoleRequestAsync(registration.Id, role.Id, user.Id);
//Assert response
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
registration = await DataProcessingRegistrationHelper.GetAsync(registration.Id);
//Assert role is in the DTO
var assignedRoleDto = Assert.Single(registration.AssignedRoles);
Assert.Equal(user.Id, assignedRoleDto.User.Id);
Assert.Equal(role.Id, assignedRoleDto.Role.Id);
//Assert query endpoint now excludes possible duplicate
availableUsers = await DataProcessingRegistrationHelper.GetAvailableUsersAsync(registration.Id, role.Id);
Assert.Empty(availableUsers.Where(x => x.Id == user.Id));
}
public async Task Can_Remove_Role()
{
//Arrange
var registration = await DataProcessingRegistrationHelper.CreateAsync(TestEnvironment.DefaultOrganizationId, A <string>());
var businessRoleDtos = await DataProcessingRegistrationHelper.GetAvailableRolesAsync(registration.Id);
var role = businessRoleDtos.First();
var availableUsers = await DataProcessingRegistrationHelper.GetAvailableUsersAsync(registration.Id, role.Id);
var user = availableUsers.First();
using var response = await DataProcessingRegistrationHelper.SendAssignRoleRequestAsync(registration.Id, role.Id, user.Id);
//Act
using var removeResponse = await DataProcessingRegistrationHelper.SendRemoveRoleRequestAsync(registration.Id, role.Id, user.Id);
//Assert response
Assert.Equal(HttpStatusCode.OK, removeResponse.StatusCode);
//Assert that the role is no longer in the DTO
registration = await DataProcessingRegistrationHelper.GetAsync(registration.Id);
Assert.Empty(registration.AssignedRoles);
}
public async Task Can_Get_Available_Roles()
{
//Arrange
var registration = await DataProcessingRegistrationHelper.CreateAsync(TestEnvironment.DefaultOrganizationId, A <string>());
//Act
var roles = await DataProcessingRegistrationHelper.GetAvailableRolesAsync(registration.Id);
//Assert
Assert.NotEmpty(roles);
}
public async Task Cannot_Assign_Role_To_User_Not_In_Organization()
{
//Arrange
var registration = await DataProcessingRegistrationHelper.CreateAsync(TestEnvironment.DefaultOrganizationId, A <string>());
var businessRoleDtos = await DataProcessingRegistrationHelper.GetAvailableRolesAsync(registration.Id);
var role = businessRoleDtos.First();
//Act
using var response = await DataProcessingRegistrationHelper.SendAssignRoleRequestAsync(registration.Id, role.Id, int.MaxValue);
//Assert response
Assert.Equal(HttpStatusCode.BadRequest, response.StatusCode);
}
public async Task Can_Get_Available_Users()
{
//Arrange
var registration = await DataProcessingRegistrationHelper.CreateAsync(TestEnvironment.DefaultOrganizationId, A <string>());
var businessRoleDtos = await DataProcessingRegistrationHelper.GetAvailableRolesAsync(registration.Id);
var role = businessRoleDtos.First();
//Act
var availableUsers = await DataProcessingRegistrationHelper.GetAvailableUsersAsync(registration.Id, role.Id);
//Assert
Assert.NotEmpty(availableUsers);
}
public async Task Cannot_Remove_Unassigned_Role()
{
//Arrange
var registration = await DataProcessingRegistrationHelper.CreateAsync(TestEnvironment.DefaultOrganizationId, A <string>());
var businessRoleDtos = await DataProcessingRegistrationHelper.GetAvailableRolesAsync(registration.Id);
var role = businessRoleDtos.First();
var availableUsers = await DataProcessingRegistrationHelper.GetAvailableUsersAsync(registration.Id, role.Id);
var user = availableUsers.First();
//Act - check on an registration where no role has been added yet
using var removeResponse = await DataProcessingRegistrationHelper.SendRemoveRoleRequestAsync(registration.Id, role.Id, user.Id);
//Assert response
Assert.Equal(HttpStatusCode.BadRequest, removeResponse.StatusCode);
}
public async Task Cannot_Assign_Duplicate_Role()
{
//Arrange
var registration = await DataProcessingRegistrationHelper.CreateAsync(TestEnvironment.DefaultOrganizationId, A <string>());
var businessRoleDtos = await DataProcessingRegistrationHelper.GetAvailableRolesAsync(registration.Id);
var role = businessRoleDtos.First();
var availableUsers = await DataProcessingRegistrationHelper.GetAvailableUsersAsync(registration.Id, role.Id);
var user = availableUsers.First();
using var succeededResponse = await DataProcessingRegistrationHelper.SendAssignRoleRequestAsync(registration.Id, role.Id, user.Id);
//Act
using var duplicateResponse = await DataProcessingRegistrationHelper.SendAssignRoleRequestAsync(registration.Id, role.Id, user.Id);
//Assert response
Assert.Equal(HttpStatusCode.OK, succeededResponse.StatusCode);
Assert.Equal(HttpStatusCode.Conflict, duplicateResponse.StatusCode);
}
public async Task ReadModels_Update_When_Child_Entities_Are_Removed()
{
//Arrange
var name = A <string>();
var organizationId = TestEnvironment.DefaultOrganizationId;
var registration = await DataProcessingRegistrationHelper.CreateAsync(organizationId, name);
var businessRoleDtos = await DataProcessingRegistrationHelper.GetAvailableRolesAsync(registration.Id);
var role = businessRoleDtos.First();
var availableUsers = await DataProcessingRegistrationHelper.GetAvailableUsersAsync(registration.Id, role.Id);
var user = availableUsers.First();
using var response1 = await DataProcessingRegistrationHelper.SendAssignRoleRequestAsync(registration.Id, role.Id, user.Id);
Assert.Equal(HttpStatusCode.OK, response1.StatusCode);
await WaitForReadModelQueueDepletion();
using var response2 = await DataProcessingRegistrationHelper.SendRemoveRoleRequestAsync(registration.Id, role.Id, user.Id);
Assert.Equal(HttpStatusCode.OK, response2.StatusCode);
await WaitForReadModelQueueDepletion();
//Act
var result = (await DataProcessingRegistrationHelper.QueryReadModelByNameContent(organizationId, name, 1, 0)).ToList();
//Assert
var readModel = Assert.Single(result);
Assert.Equal(name, readModel.Name);
Assert.Equal(registration.Id, readModel.SourceEntityId);
Assert.Empty(readModel.RoleAssignments);
}
public async Task Write_Access_Business_Role_To_Owner_Root_Provides_Write_Access_To_Advices()
{
//Arrange
var registration = await DataProcessingRegistrationHelper.CreateAsync(TestEnvironment.DefaultOrganizationId, A <string>());
var businessRoleDtos = await DataProcessingRegistrationHelper.GetAvailableRolesAsync(registration.Id);
var writeAccessRole = businessRoleDtos.First(x => x.HasWriteAccess);
var availableUsers = await DataProcessingRegistrationHelper.GetAvailableUsersAsync(registration.Id, writeAccessRole.Id);
var readOnlyUserCredentials = TestEnvironment.GetCredentials(OrganizationRole.User);
var readOnlyUser = availableUsers.First(x => x.Email.Equals(readOnlyUserCredentials.Username, StringComparison.OrdinalIgnoreCase));
var readOnlyUserCookie = await HttpApi.GetCookieAsync(OrganizationRole.User);
var recipient = CreateDefaultEmailRecipient(CreateWellformedEmail());
var advice = CreateDefaultAdvice(Scheduling.Day, AdviceType.Repeat, recipient);
advice.RelationId = registration.Id;
advice.Type = RelatedEntityType.dataProcessingRegistration;
// ****************************************
// ************* Act + assert *************
// ****************************************
// Before role has been assigned the user has no write access to the root
await AssertAdviceCreationReturns(advice, readOnlyUserCookie, HttpStatusCode.Forbidden);
using var assignResponse = await DataProcessingRegistrationHelper.SendAssignRoleRequestAsync(registration.Id, writeAccessRole.Id, readOnlyUser.Id);
// With the write-access role assigned, the user should be allowed to create advices (modify the root)
await AssertAdviceCreationReturns(advice, readOnlyUserCookie, HttpStatusCode.Created);
using var response = await DataProcessingRegistrationHelper.SendRemoveRoleRequestAsync(registration.Id, writeAccessRole.Id, readOnlyUser.Id);
//Removing the role should revert the assigned write access
await AssertAdviceCreationReturns(advice, readOnlyUserCookie, HttpStatusCode.Forbidden);
}
public async Task ReadModels_Contain_Correct_Content()
{
//Arrange
var name = A <string>();
var dpName = $"Dp:{name}";
var subDpName = $"Sub_Dp:{name}";
var systemName = $"SYSTEM:{name}";
var contractName = $"CONTRACT:{name}";
var refName = $"REF:{name}";
var refUserAssignedId = $"REF:{name}EXT_ID";
var refUrl = $"https://www.test-rm{A<uint>()}.dk";
var refDisp = A <Display>();
var organizationId = TestEnvironment.DefaultOrganizationId;
var isAgreementConcluded = A <YesNoIrrelevantOption>();
var oversightInterval = A <YearMonthIntervalOption>();
var oversightCompleted = A <YesNoUndecidedOption>();
var oversightDate = A <DateTime>();
var oversightRemark = A <string>();
Console.Out.WriteLine($"Testing in the context of DPR with name:{name}");
var dataProcessor = await OrganizationHelper.CreateOrganizationAsync(organizationId, dpName, "22334455", OrganizationTypeKeys.Virksomhed, AccessModifier.Public);
var subDataProcessor = await OrganizationHelper.CreateOrganizationAsync(organizationId, subDpName, "22314455", OrganizationTypeKeys.Virksomhed, AccessModifier.Public);
var registration = await DataProcessingRegistrationHelper.CreateAsync(organizationId, name);
await DataProcessingRegistrationHelper.SendChangeOversightIntervalOptionRequestAsync(registration.Id, oversightInterval);
await DataProcessingRegistrationHelper.SendChangeIsOversightCompletedRequestAsync(registration.Id, oversightCompleted);
var businessRoleDtos = await DataProcessingRegistrationHelper.GetAvailableRolesAsync(registration.Id);
var role = businessRoleDtos.First();
var availableUsers = await DataProcessingRegistrationHelper.GetAvailableUsersAsync(registration.Id, role.Id);
var user = availableUsers.First();
_testOutputHelper.WriteLine($"Attempting to assign user {user.Id}:{user.Email} as role {role.Id}:{role.Name} in dpr {registration.Id}:{registration.Name}");
using var response = await DataProcessingRegistrationHelper.SendAssignRoleRequestAsync(registration.Id, role.Id, user.Id);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
//Basis for transfer
var options = (await DataProcessingRegistrationHelper.GetBasisForTransferOptionsAsync(TestEnvironment.DefaultOrganizationId)).ToList();
var basisForTransfer = options[Math.Abs(A <int>()) % options.Count];
using var assignResponse = await DataProcessingRegistrationHelper.SendAssignBasisForTransferRequestAsync(registration.Id, basisForTransfer.Id);
Assert.Equal(HttpStatusCode.OK, assignResponse.StatusCode);
//Enable and set third country
var transferToThirdCountries = A <YesNoUndecidedOption>();
using var setInsecureCountryStateResponse = await DataProcessingRegistrationHelper.SendSetUseTransferToInsecureThirdCountriesStateRequestAsync(registration.Id, transferToThirdCountries);
Assert.Equal(HttpStatusCode.OK, setInsecureCountryStateResponse.StatusCode);
//Set data responsible
var dataOptions = await DataProcessingRegistrationHelper.GetAvailableOptionsRequestAsync(organizationId);
var dataResponsibleOption = dataOptions.DataResponsibleOptions.First();
using var setDataResponsibleResponse = await DataProcessingRegistrationHelper.SendAssignDataResponsibleRequestAsync(registration.Id, dataResponsibleOption.Id);
Assert.Equal(HttpStatusCode.OK, setDataResponsibleResponse.StatusCode);
//Set oversight option
var oversightOption = dataOptions.OversightOptions.First();
using var setOversightOptionResponse = await DataProcessingRegistrationHelper.SendAssignOversightOptionRequestAsync(registration.Id, oversightOption.Id);
Assert.Equal(HttpStatusCode.OK, setDataResponsibleResponse.StatusCode);
//Enable and set sub processors
using var setStateRequest = await DataProcessingRegistrationHelper.SendSetUseSubDataProcessorsStateRequestAsync(registration.Id, YesNoUndecidedOption.Yes);
Assert.Equal(HttpStatusCode.OK, setStateRequest.StatusCode);
using var sendAssignDataProcessorRequestAsync = await DataProcessingRegistrationHelper.SendAssignDataProcessorRequestAsync(registration.Id, dataProcessor.Id);
Assert.Equal(HttpStatusCode.OK, sendAssignDataProcessorRequestAsync.StatusCode);
using var sendAssignSubDataProcessorRequestAsync = await DataProcessingRegistrationHelper.SendAssignSubDataProcessorRequestAsync(registration.Id, subDataProcessor.Id);
Assert.Equal(HttpStatusCode.OK, sendAssignSubDataProcessorRequestAsync.StatusCode);
//Concluded state
await DataProcessingRegistrationHelper.SendChangeIsAgreementConcludedRequestAsync(registration.Id, isAgreementConcluded);
//Latest oversight date
await DataProcessingRegistrationHelper.SendAssignOversightDateRequestAsync(registration.Id, oversightDate, oversightRemark);
//References
await ReferencesHelper.CreateReferenceAsync(refName, refUserAssignedId, refUrl, refDisp, dto => dto.DataProcessingRegistration_Id = registration.Id);
//Systems
var itSystemDto = await ItSystemHelper.CreateItSystemInOrganizationAsync(systemName, organizationId, AccessModifier.Public);
var usage = await ItSystemHelper.TakeIntoUseAsync(itSystemDto.Id, organizationId);
using var assignSystemResponse = await DataProcessingRegistrationHelper.SendAssignSystemRequestAsync(registration.Id, usage.Id);
Assert.Equal(HttpStatusCode.OK, assignSystemResponse.StatusCode);
//Contracts
var contractDto = await ItContractHelper.CreateContract(contractName, organizationId);
using var assignDataProcessingResponse = await ItContractHelper.SendAssignDataProcessingRegistrationAsync(contractDto.Id, registration.Id);
Assert.Equal(HttpStatusCode.OK, assignDataProcessingResponse.StatusCode);
//Wait for read model to rebuild (wait for the LAST mutation)
await WaitForReadModelQueueDepletion();
Console.Out.WriteLine("Read models are up to date");
//Act
var readModels = (await DataProcessingRegistrationHelper.QueryReadModelByNameContent(organizationId, name, 1, 0)).ToList();
//Assert
var readModel = Assert.Single(readModels);
Console.Out.WriteLine("Read model found");
Assert.Equal(name, readModel.Name);
Assert.Equal(registration.Id, readModel.SourceEntityId);
Assert.Equal(refName, readModel.MainReferenceTitle);
Assert.Equal(refUrl, readModel.MainReferenceUrl);
Assert.Equal(refUserAssignedId, readModel.MainReferenceUserAssignedId);
Assert.Equal(oversightInterval, readModel.OversightInterval);
Assert.Equal(oversightCompleted, readModel.IsOversightCompleted);
Assert.Equal(dataProcessor.Name, readModel.DataProcessorNamesAsCsv);
Assert.Equal(subDataProcessor.Name, readModel.SubDataProcessorNamesAsCsv);
Assert.Equal(isAgreementConcluded, readModel.IsAgreementConcluded);
Assert.Equal(transferToThirdCountries, readModel.TransferToInsecureThirdCountries);
Assert.Equal(basisForTransfer.Name, readModel.BasisForTransfer);
Assert.Equal(dataResponsibleOption.Name, readModel.DataResponsible);
Assert.Equal(oversightOption.Name, readModel.OversightOptionNamesAsCsv);
Assert.Equal(contractName, readModel.ContractNamesAsCsv);
Assert.Equal(systemName, readModel.SystemNamesAsCsv);
Assert.Equal(oversightDate, readModel.LatestOversightDate);
Console.Out.WriteLine("Flat values asserted");
Console.Out.WriteLine("Asserting role assignments");
var roleAssignment = Assert.Single(readModel.RoleAssignments);
Console.Out.WriteLine("Found one role assignment as expected");
Assert.Equal(role.Id, roleAssignment.RoleId);
Assert.Equal(user.Id, roleAssignment.UserId);
Assert.Equal(user.Name, roleAssignment.UserFullName);
Console.Out.WriteLine("Role data verified");
//Assert that the source object can be deleted and that the readmodel is gone now
var deleteResponse = await DataProcessingRegistrationHelper.SendDeleteRequestAsync(registration.Id);
Assert.Equal(HttpStatusCode.OK, deleteResponse.StatusCode);
readModels = (await DataProcessingRegistrationHelper.QueryReadModelByNameContent(organizationId, name, 1, 0)).ToList();
Assert.Empty(readModels);
}
