Beispiel #1
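        /// <summary>
        /// Loads the manage-user record for the requested ID and sets the flags that
        /// tell the caller what the current user may do with it.
        /// </summary>
        /// <param name="query">Request carrying the <c>OrganisationUserId</c> to look up.</param>
        /// <returns>
        /// The record from the organisation-user lookup, or from the competent-authority
        /// lookup when the first returns null; <c>null</c> when neither lookup finds a record.
        /// </returns>
        public async Task<ManageUserData> HandleAsync(GetUserData query)
        {
            // The access check runs before any data is read.
            // NOTE(review): presumably throws for non-internal callers — confirm against IWeeeAuthorization.
            authorization.EnsureCanAccessInternalArea();

            var manageUserData = await dataAccess.GetOrganisationUser(query.OrganisationUserId) ??
                                 await dataAccess.GetCompetentAuthorityUser(query.OrganisationUserId);

            // Both lookups can come back empty; the original dereferenced the result
            // unconditionally below and failed with a NullReferenceException.
            if (manageUserData == null)
            {
                return null;
            }

            // A user must not change their own role or status. The IDs are compared as
            // strings, so ignore case: a casing difference in the stored ID would
            // otherwise silently disable this restriction.
            // NOTE(review): when userContext is null the restriction is skipped (fails open) — confirm this is intended.
            if (userContext != null &&
                string.Equals(userContext.UserId.ToString(), manageUserData.UserId, System.StringComparison.OrdinalIgnoreCase))
            {
                manageUserData.CanManageRoleAndStatus = false;
            }

            // Editing is limited to callers holding the internal admin role.
            manageUserData.CanEditUser = authorization.CheckUserInRole(Roles.InternalAdmin);

            return manageUserData;
        }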
Beispiel #2
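        /// <summary>
        /// Verifies that the handler rejects a caller of the given user type with a
        /// <see cref="SecurityException"/> and does not read user data before doing so.
        /// </summary>
        /// <param name="userType">User type used to build the authorization under test.</param>
        public async Task GetUserDataHandler_WithNonInternalUser_ThrowSecurityException(AuthorizationBuilder.UserType userType)
        {
            // Arrange
            // One ID is shared by the stubs and the request. The original configured the
            // stubs with fresh Guid.NewGuid() values, which could never match the request.
            Guid requestedUserId = Guid.NewGuid();

            IGetManageUserDataAccess dataAccess = A.Fake<IGetManageUserDataAccess>();

            A.CallTo(() => dataAccess.GetCompetentAuthorityUser(requestedUserId)).Returns(new ManageUserData());
            A.CallTo(() => dataAccess.GetOrganisationUser(requestedUserId)).Returns(new ManageUserData());

            IWeeeAuthorization authorization = AuthorizationBuilder.CreateFromUserType(userType);

            GetUserDataHandler handler = new GetUserDataHandler(userContext, authorization, dataAccess);

            GetUserData request = new GetUserData(requestedUserId);

            // Act
            Func<Task<ManageUserData>> action = () => handler.HandleAsync(request);

            // Assert
            await Assert.ThrowsAsync<SecurityException>(action);

            // The rejection must come from the access check, before any user record is loaded.
            A.CallTo(() => dataAccess.GetOrganisationUser(requestedUserId)).MustNotHaveHappened();
            A.CallTo(() => dataAccess.GetCompetentAuthorityUser(requestedUserId)).MustNotHaveHappened();
        }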
Beispiel #3
        /// <summary>
        /// Builds a fake <see cref="IGetManageUserDataAccess"/> whose organisation-user
        /// lookup for <c>orgUserId</c> returns a populated, active, non-competent-authority
        /// record, and whose competent-authority lookup for the same ID returns an empty
        /// <see cref="ManageUserData"/>.
        /// </summary>
        /// <returns>The configured fake.</returns>
        private IGetManageUserDataAccess CreateFakeDataAccess()
        {
            var fake = A.Fake<IGetManageUserDataAccess>();

            // Record served by the organisation-user lookup.
            var organisationUser = new ManageUserData();
            organisationUser.UserStatus = UserStatus.Active;
            organisationUser.OrganisationId = Guid.NewGuid();
            organisationUser.Id = orgUserId;
            organisationUser.UserId = Guid.NewGuid().ToString();
            organisationUser.Email = "*****@*****.**";
            organisationUser.FirstName = "Test";
            organisationUser.LastName = "Test";
            organisationUser.OrganisationName = "Test ltd.";
            organisationUser.IsCompetentAuthorityUser = false;

            A.CallTo(() => fake.GetOrganisationUser(orgUserId)).Returns(organisationUser);

            // The competent-authority lookup answers with a blank record for the same ID.
            A.CallTo(() => fake.GetCompetentAuthorityUser(orgUserId)).Returns(new ManageUserData());

            return fake;
        }