Beispiel #1
0
        public async Task Can_Get_Available_Systems()
        {
            //Arrange
            var       systemPrefix          = A <Guid>().ToString("N");
            const int organizationId        = TestEnvironment.DefaultOrganizationId;
            var       system1Name           = $"{systemPrefix}{1}";
            var       system2Name           = $"{systemPrefix}{2}";
            var       filteredOutSystemName = A <string>();
            var       registration          = await DataProcessingRegistrationHelper.CreateAsync(organizationId, A <string>());

            var system1 = await ItSystemHelper.CreateItSystemInOrganizationAsync(system1Name, organizationId, AccessModifier.Public);

            var system2 = await ItSystemHelper.CreateItSystemInOrganizationAsync(system2Name, organizationId, AccessModifier.Public);

            var filteredOutSystem = await ItSystemHelper.CreateItSystemInOrganizationAsync(filteredOutSystemName, organizationId, AccessModifier.Public);

            var usage1 = await ItSystemHelper.TakeIntoUseAsync(system1.Id, organizationId);

            var usage2 = await ItSystemHelper.TakeIntoUseAsync(system2.Id, organizationId);

            await ItSystemHelper.TakeIntoUseAsync(filteredOutSystem.Id, organizationId);

            //Act
            var dtos = (await DataProcessingRegistrationHelper.GetAvailableSystemsAsync(registration.Id, systemPrefix)).ToList();

            //Assert
            Assert.Equal(2, dtos.Count);
            dtos.Select(x => new { x.Id, x.Name }).ToExpectedObject().ShouldMatch(new[] { new { usage1.Id, system1.Name }, new { usage2.Id, system2.Name } });
        }
Beispiel #2
0
        public async Task CanModifyArchiveDutyValues(ArchiveDutyRecommendationTypes recommendation)
        {
            //Arrange
            const int organizationId = TestEnvironment.DefaultOrganizationId;
            var       comment        = A <string>();
            var       system         = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <string>(), organizationId, AccessModifier.Public);

            var initialValues = await ItSystemHelper.GetSystemAsync(system.Id);

            //Act
            using (var changeDutyResponse = await ItSystemHelper.SendChangeArchiveDutyRecommendationRequestAsync(system.Id, recommendation))
                using (var changeCommentResponse = await ItSystemHelper.SendChangeArchiveDutyRecommendationCommentRequestAsync(system.Id, comment))
                {
                    //Assert - initial and changed values
                    Assert.Equal(HttpStatusCode.OK, changeDutyResponse.StatusCode);
                    Assert.Equal(HttpStatusCode.OK, changeCommentResponse.StatusCode);
                    Assert.Null(initialValues.ArchiveDuty);
                    Assert.Null(initialValues.ArchiveDutyComment);

                    var changedValues = await ItSystemHelper.GetSystemAsync(system.Id);

                    Assert.Equal(recommendation, changedValues.ArchiveDuty);
                    Assert.Equal(comment, changedValues.ArchiveDutyComment);
                }
        }
Beispiel #3
0
        public async Task Can_Get_AvailableDestinationSystems()
        {
            //Arrange
            var prefix = CreateName();
            var source = await ItSystemHelper.CreateItSystemInOrganizationAsync(CreateName(), OrganizationId, AccessModifier.Public);

            var target1 = await ItSystemHelper.CreateItSystemInOrganizationAsync(prefix + 1, OrganizationId, AccessModifier.Public);

            var target2 = await ItSystemHelper.CreateItSystemInOrganizationAsync(prefix + 2, OrganizationId, AccessModifier.Public);

            var ignoredSystem = await ItSystemHelper.CreateItSystemInOrganizationAsync(CreateName(), OrganizationId, AccessModifier.Public);

            var sourceUsage = await ItSystemHelper.TakeIntoUseAsync(source.Id, OrganizationId);

            var targetUsage1 = await ItSystemHelper.TakeIntoUseAsync(target1.Id, OrganizationId);

            var targetUsage2 = await ItSystemHelper.TakeIntoUseAsync(target2.Id, OrganizationId);

            await ItSystemHelper.TakeIntoUseAsync(ignoredSystem.Id, OrganizationId);

            //Act
            var availableDestinationSystems = (await SystemRelationHelper.GetAvailableDestinationSystemsAsync(sourceUsage.Id, prefix))?.ToList();

            //Assert
            Assert.NotNull(availableDestinationSystems);
            Assert.Equal(2, availableDestinationSystems.Count);
            Assert.True(new[] { targetUsage1.Id, targetUsage2.Id }.SequenceEqual(availableDestinationSystems.Select(x => x.Id)));
        }
Beispiel #4
0
        public async Task Cannot_Add_SensitiveDataLevel_If_Level_Already_Exists()
        {
            //Arrange
            var cookie = await HttpApi.GetCookieAsync(OrganizationRole.GlobalAdmin);

            const int organizationId = TestEnvironment.DefaultOrganizationId;

            var system = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <string>(), organizationId, AccessModifier.Public);

            var usage = await ItSystemHelper.TakeIntoUseAsync(system.Id, system.OrganizationId);

            var sensitivityLevel = A <SensitiveDataLevel>();
            await ItSystemUsageHelper.AddSensitiveDataLevel(usage.Id, sensitivityLevel);

            //Act
            using (var result = await HttpApi.PatchWithCookieAsync(
                       TestEnvironment.CreateUrl(
                           $"api/v1/itsystemusage/{usage.Id}/sensitivityLevel/add"), cookie, sensitivityLevel))
            {
                //Assert
                Assert.Equal(HttpStatusCode.Conflict, result.StatusCode);
                var notUpdatedUsage = await ItSystemHelper.GetItSystemUsage(usage.Id);

                var sensitiveDataLevel = Assert.Single(notUpdatedUsage.SensitiveDataLevels);
                Assert.Equal(sensitivityLevel, sensitiveDataLevel.DataSensitivityLevel);
            }
        }
Beispiel #5
0
        public async Task Changing_Exposing_System_On_Interface_Clears_InterfaceField_In_All_Relations_To_Old_Exposing_System()
        {
            //Arrange
            var newExhibitor = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <string>(), TestEnvironment.DefaultOrganizationId, AccessModifier.Public);

            var input = await PrepareFullRelationAsync(false, false, true);

            //Act
            using (var response = await SystemRelationHelper.SendPostRelationRequestAsync(input))
                using (var changeExposingSystem = await InterfaceExhibitHelper.SendCreateExhibitRequest(newExhibitor.Id, input.InterfaceId.GetValueOrDefault()))
                {
                    //Assert
                    Assert.Equal(HttpStatusCode.Created, response.StatusCode);
                    Assert.Equal(HttpStatusCode.Created, changeExposingSystem.StatusCode);
                    var relation = await response.ReadResponseBodyAsKitosApiResponseAsync <SystemRelationDTO>();

                    Assert.NotNull(relation.Interface);
                    using (var getAfterDeleteResponse = await SystemRelationHelper.SendGetRelationRequestAsync(input.FromUsageId, relation.Id))
                    {
                        Assert.Equal(HttpStatusCode.OK, getAfterDeleteResponse.StatusCode);
                        var relationAfterChange = await getAfterDeleteResponse.ReadResponseBodyAsKitosApiResponseAsync <SystemRelationDTO>();

                        Assert.Null(relationAfterChange.Interface);
                    }
                }
        }
Beispiel #6
0
        public async Task Delete_SystemRelation_Returns_204()
        {
            //Arrange
            var system1 = await ItSystemHelper.CreateItSystemInOrganizationAsync(CreateName(), OrganizationId, AccessModifier.Public);

            var system2 = await ItSystemHelper.CreateItSystemInOrganizationAsync(CreateName(), OrganizationId, AccessModifier.Public);

            var usage1 = await ItSystemHelper.TakeIntoUseAsync(system1.Id, OrganizationId);

            var usage2 = await ItSystemHelper.TakeIntoUseAsync(system2.Id, OrganizationId);

            var input = new CreateSystemRelationDTO
            {
                FromUsageId = usage1.Id,
                ToUsageId   = usage2.Id,
                Description = A <string>(),
                Reference   = A <string>(),
            };

            using (var response = await SystemRelationHelper.SendPostRelationRequestAsync(input))
            {
                Assert.Equal(HttpStatusCode.Created, response.StatusCode);
                var createdRelation = await response.ReadResponseBodyAsKitosApiResponseAsync <SystemRelationDTO>();

                //Act
                using (var deleteResponse = await SystemRelationHelper.SendDeleteRelationRequestAsync(usage1.Id, createdRelation.Id))
                {
                    //Assert
                    Assert.Equal(HttpStatusCode.NoContent, deleteResponse.StatusCode);
                }
            }
        }
Beispiel #7
0
 private static Task <ItSystemDTO> CreateSystemAsync(
     int organizationId            = TestEnvironment.DefaultOrganizationId,
     string name                   = null,
     AccessModifier accessModifier = AccessModifier.Local)
 {
     return(ItSystemHelper.CreateItSystemInOrganizationAsync(name ?? CreateName(), organizationId, accessModifier));
 }
Beispiel #8
0
        public async Task Api_User_Can_Get_It_System_ParentId(OrganizationRole role)
        {
            //Arrange
            var login = await HttpApi.GetCookieAsync(role);

            const int organizationId = TestEnvironment.DefaultOrganizationId;

            var mainSystem = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <string>(), organizationId, AccessModifier.Public);

            var childSystem = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <string>(), organizationId, AccessModifier.Public);

            await ItSystemHelper.SendSetParentSystemRequestAsync(childSystem.Id, mainSystem.Id, organizationId, login);

            var token = await HttpApi.GetTokenAsync(role);

            var url = TestEnvironment.CreateUrl($"api/itsystem/{childSystem.Id}?hierarchy=true");

            //Act
            using (var httpResponse = await HttpApi.GetWithTokenAsync(url, token.Token))
            {
                //Assert
                var response = await httpResponse.ReadResponseBodyAsKitosApiResponseAsync <IEnumerable <ItSystemDTO> >();

                Assert.Equal(HttpStatusCode.OK, httpResponse.StatusCode);
                var itSystemDtos = response.ToList();
                Assert.NotEmpty(itSystemDtos);
                Assert.Equal(mainSystem.Id, itSystemDtos.First(x => x.Id == childSystem.Id).ParentId);
            }
        }
Beispiel #9
0
        public async Task Can_Delete_Objects_Which_Are_Referred_By_Report()
        {
            //Arrange - a broken link in both a system and an interface
            PurgeBrokenExternalReferencesReportTable();
            var system = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <Guid>().ToString("N"), TestEnvironment.DefaultOrganizationId, AccessModifier.Public);

            await ReferencesHelper.CreateReferenceAsync(A <string>(), null, SystemReferenceUrl, Display.Url, r => r.ItSystem_Id = system.Id);

            var referenceToBeExplicitlyDeleted = await ReferencesHelper.CreateReferenceAsync(A <string>(), null, SystemReferenceUrl, Display.Url, r => r.ItSystem_Id = system.Id);

            var interfaceDto = await InterfaceHelper.CreateInterface(InterfaceHelper.CreateInterfaceDto(A <string>(), A <string>(), TestEnvironment.DefaultOrganizationId, AccessModifier.Public));

            interfaceDto = await InterfaceHelper.SetUrlAsync(interfaceDto.Id, InterfaceUrl);

            await BrokenExternalReferencesReportHelper.TriggerRequestAsync();

            var dto = await WaitForReportGenerationCompletedAsync();

            Assert.True(dto.Available);

            //Act
            using (var deleteReferenceResponse = await ReferencesHelper.DeleteReferenceAsync(referenceToBeExplicitlyDeleted.Id))
                using (var deleteItSystemResponse = await ItSystemHelper.DeleteItSystemAsync(system.Id, TestEnvironment.DefaultOrganizationId))
                    using (var deleteInterfaceResponse = await InterfaceHelper.SendDeleteInterfaceRequestAsync(interfaceDto.Id))
                    {
                        Assert.Equal(HttpStatusCode.OK, deleteReferenceResponse.StatusCode);
                        Assert.Equal(HttpStatusCode.OK, deleteItSystemResponse.StatusCode);
                        Assert.Equal(HttpStatusCode.OK, deleteInterfaceResponse.StatusCode);
                    }
        }
Beispiel #10
0
        public async Task Cannot_Delete_System_With_Interface_Exhibits(OrganizationRole role)
        {
            //Arrange
            var login = await HttpApi.GetCookieAsync(role);

            const int organizationId = TestEnvironment.DefaultOrganizationId;

            var system = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <string>(), organizationId, AccessModifier.Public);

            var itInterfaceDto = InterfaceHelper.CreateInterfaceDto(
                A <string>(),
                A <string>(),
                organizationId,
                AccessModifier.Public);
            var itInterface = await InterfaceHelper.CreateInterface(itInterfaceDto);

            await InterfaceExhibitHelper.CreateExhibit(system.Id, itInterface.Id);

            //Act
            using (var result = await ItSystemHelper.DeleteItSystemAsync(system.Id, organizationId, login))
            {
                //Assert
                await AssertCorrectConflictResponseAsync(SystemDeleteConflict.HasInterfaceExhibits, result, system.Id);
            }
        }
Beispiel #11
0
        public async Task Get_CurrentCsv_Returns_Unicode_Encoded_Csv()
        {
            //Arrange - a broken link in both a system and an interface
            PurgeBrokenExternalReferencesReportTable();
            var system = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <Guid>().ToString("N"), TestEnvironment.DefaultOrganizationId, AccessModifier.Public);

            var systemReferenceName = A <string>();
            await ReferencesHelper.CreateReferenceAsync(systemReferenceName, null, SystemReferenceUrl, Display.Url, r => r.ItSystem_Id = system.Id);

            var interfaceDto = await InterfaceHelper.CreateInterface(InterfaceHelper.CreateInterfaceDto(A <string>(), A <string>(), TestEnvironment.DefaultOrganizationId, AccessModifier.Public));

            interfaceDto = await InterfaceHelper.SetUrlAsync(interfaceDto.Id, InterfaceUrl);

            //Act
            await BrokenExternalReferencesReportHelper.TriggerRequestAsync();

            var dto = await WaitForReportGenerationCompletedAsync();

            //Assert that the two controlled errors are present
            Assert.True(dto.Available);
            var report = await GetBrokenLinksReportAsync();

            var brokenSystemLink = Assert.Single(report[system.Name]);

            AssertBrokenLinkRow(brokenSystemLink, "IT System", system.Name, systemReferenceName, "Se fejlkode", "404", SystemReferenceUrl);
            var brokenInterfaceLink = Assert.Single(report[interfaceDto.Name]);

            AssertBrokenLinkRow(brokenInterfaceLink, "Snitflade", interfaceDto.Name, string.Empty, "Se fejlkode", "404", InterfaceUrl);
        }
Beispiel #12
0
        private async Task <(Guid uuid, int dbId)> CreateSystemAsync(int organizationId, AccessModifier accessModifier)
        {
            var systemName    = CreateName();
            var createdSystem = await ItSystemHelper.CreateItSystemInOrganizationAsync(systemName, organizationId, accessModifier);

            var entityUuid = TestEnvironment.GetEntityUuid <Core.DomainModel.ItSystem.ItSystem>(createdSystem.Id);

            return(entityUuid, createdSystem.Id);
        }
Beispiel #13
0
        private async Task <ItSystemUsageDTO> Create_System_Usage_And_Change_Value_By_Body(Object body)
        {
            const int organizationId = TestEnvironment.DefaultOrganizationId;
            var       system         = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <string>(), organizationId, AccessModifier.Public);

            var usage = await ItSystemHelper.TakeIntoUseAsync(system.Id, system.OrganizationId);

            return(await ItSystemUsageHelper.PatchSystemUsage(usage.Id, organizationId, body));
        }
Beispiel #14
0
        public async Task Put_Removes_Obsoleted_And_Removes_Usages_In_Systems()
        {
            //Arrange
            await PrepareForDetailedTest();

            var systemDto = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <string>(), TestEnvironment.DefaultOrganizationId, AccessModifier.Public);

            //Add some task refs to a system and save the expected keys (keys not removed)
            MutateDatabase(context =>
            {
                using (var taskRefs = new GenericRepository <TaskRef>(context))
                    using (var systems = new GenericRepository <Core.DomainModel.ItSystem.ItSystem>(context))
                    {
                        var itSystem = systems.GetByKey(systemDto.Id);
                        var toKeep   = taskRefs.AsQueryable().Take(2).ToList();
                        toKeep.ForEach(itSystem.TaskRefs.Add);
                        systems.Save();
                    }
            });

            var expectedTaskRefs = GetSystemTaskKeys(systemDto.Id);

            Assert.Equal(2, expectedTaskRefs.Count);

            //Add the task refs subject to removal
            MutateDatabase(db =>
            {
                using (var systems = new GenericRepository <Core.DomainModel.ItSystem.ItSystem>(db))
                    using (var taskRefs = new GenericRepository <TaskRef>(db))
                    {
                        var other              = taskRefs.AsQueryable().First();
                        var objectOwnerId      = other.ObjectOwnerId;
                        var organizationUnitId = other.OwnedByOrganizationUnitId;
                        var taskRef1           = taskRefs.Insert(CreateTaskRef(objectOwnerId, organizationUnitId));
                        var taskRef2           = taskRefs.Insert(CreateTaskRef(objectOwnerId, organizationUnitId));
                        taskRefs.Save();

                        //Add usages which we expect to be removed
                        var itSystem = systems.GetByKey(systemDto.Id);
                        itSystem.TaskRefs.Add(taskRef1);
                        itSystem.TaskRefs.Add(taskRef2);
                        systems.Save();
                    }
            });

            //Act
            await PutKle();

            //Assert
            var actualTaskRefs = GetSystemTaskKeys(systemDto.Id);

            VerifyTaskRefUsageKeys(expectedTaskRefs, actualTaskRefs);
        }
Beispiel #15
0
        public async Task Can_Get_GDPRExportReport_With_All_Fields_Set()
        {
            //Arrange
            var       sensitiveDataLevel        = A <SensitiveDataLevel>();
            var       datahandlerContractTypeId = "5";
            const int organizationId            = TestEnvironment.DefaultOrganizationId;
            var       system = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <string>(), organizationId, AccessModifier.Public);

            var usage = await ItSystemHelper.TakeIntoUseAsync(system.Id, organizationId);

            var dataProcessingRegistrationDto = await DataProcessingRegistrationHelper.CreateAsync(organizationId, A <string>());

            await DataProcessingRegistrationHelper.SendChangeIsAgreementConcludedRequestAsync(dataProcessingRegistrationDto.Id, YesNoIrrelevantOption.YES);

            using var setSystemResponse = await DataProcessingRegistrationHelper.SendAssignSystemRequestAsync(dataProcessingRegistrationDto.Id, usage.Id);

            Assert.Equal(HttpStatusCode.OK, setSystemResponse.StatusCode);
            var body = new
            {
                HostedAt             = A <HostedAt>(),
                IsBusinessCritical   = A <DataOptions>(),
                DataProcessorControl = A <DataOptions>(),
                RiskAssessment       = A <DataOptions>(),
                PreRiskAssessment    = A <RiskLevel>(),
                DPIA = A <DataOptions>()
            };
            var contract = await ItContractHelper.CreateContract(A <string>(), organizationId);

            await ItContractHelper.PatchContract(contract.Id, organizationId, new { contractTypeId = datahandlerContractTypeId });

            await ItContractHelper.AddItSystemUsage(contract.Id, usage.Id, organizationId);

            await ItSystemUsageHelper.PatchSystemUsage(usage.Id, organizationId, body);

            await ItSystemUsageHelper.AddSensitiveDataLevel(usage.Id, sensitiveDataLevel);

            var expectedUsage = await ItSystemHelper.GetItSystemUsage(usage.Id);

            //Act
            var report = await ItSystemUsageHelper.GetGDPRExportReport(organizationId);

            //Assert
            var gdprExportReport = Assert.Single(report.Where(x => x.Name == system.Name));

            AssertCorrectGdprExportReport(expectedUsage, gdprExportReport, true);
            AssertSensitiveDataLevel(sensitiveDataLevel, gdprExportReport);
        }
Beispiel #16
0
        public async Task Cannot_Set_Exposing_System(OrganizationRole role)
        {
            //Arrange
            var login = await HttpApi.GetCookieAsync(role);

            const int organizationId = TestEnvironment.DefaultOrganizationId;
            var       interfaceDto   = await InterfaceHelper.CreateInterface(InterfaceHelper.CreateInterfaceDto(A <string>(), A <string>(), organizationId, AccessModifier.Public));

            var system = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <string>(), organizationId, AccessModifier.Public);

            //Act - perform the action with the actual role
            using (var result = await InterfaceExhibitHelper.SendCreateExhibitRequest(system.Id, interfaceDto.Id, login))
            {
                //Assert
                Assert.Equal(HttpStatusCode.Forbidden, result.StatusCode);
            }
        }
Beispiel #17
0
        public async Task Cannot_Delete_System(OrganizationRole role)
        {
            //Arrange
            var login = await HttpApi.GetCookieAsync(role);

            const int organizationId = TestEnvironment.DefaultOrganizationId;

            var system = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <string>(), organizationId, AccessModifier.Public);

            //Act
            using (var result = await ItSystemHelper.DeleteItSystemAsync(system.Id, organizationId, login))
            {
                //Assert
                Assert.Equal(HttpStatusCode.Forbidden, result.StatusCode);
                await AssertSystemNotDeletedAsync(system.Id);
            }
        }
Beispiel #18
0
        public async Task Can_Add_SensitiveDataLevel()
        {
            //Arrange
            const int organizationId = TestEnvironment.DefaultOrganizationId;

            var system = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <string>(), organizationId, AccessModifier.Public);

            var usage = await ItSystemHelper.TakeIntoUseAsync(system.Id, system.OrganizationId);

            var sensitivityLevel = A <SensitiveDataLevel>();

            //Act
            var sensitivityLevelDTO =
                await ItSystemUsageHelper.AddSensitiveDataLevel(usage.Id, sensitivityLevel);

            //Assert
            Assert.Equal(sensitivityLevel, sensitivityLevelDTO.DataSensitivityLevel);
        }
        public async Task Can_Create_Reference_In_ItSystem()
        {
            //Arrange
            var systemDto = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <string>(), TestEnvironment.DefaultOrganizationId, AccessModifier.Public);


            //Act - create two similar references... we expect the first one to be the master
            var expectedMasterReference = await ReferencesHelper.CreateReferenceAsync(_title, _externalReferenceId, _referenceUrl, _display, dto => dto.ItSystem_Id = systemDto.Id);

            await ReferencesHelper.CreateReferenceAsync(_title, _externalReferenceId, _referenceUrl, _display, dto => dto.ItSystem_Id = systemDto.Id);

            //Assert
            AssertCreatedReference(_title, expectedMasterReference, _externalReferenceId, _referenceUrl, _display);
            systemDto = await ItSystemHelper.GetSystemAsync(systemDto.Id);

            Assert.Equal(2, systemDto.ExternalReferences.Count);
            Assert.Equal(expectedMasterReference.Id, systemDto.ReferenceId.GetValueOrDefault(-1)); //First reference must be marked as "the reference"
        }
Beispiel #20
0
        public async Task BelongsTo_Is_Same_As_Exhibit_System()
        {
            //Arrange
            const int organizationId = TestEnvironment.DefaultOrganizationId;
            var       interfaceDto   = await InterfaceHelper.CreateInterface(InterfaceHelper.CreateInterfaceDto(A <string>(), A <string>(), organizationId, AccessModifier.Public));

            var system = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <string>(), organizationId, AccessModifier.Public);

            //Act - perform the action with the actual role
            await InterfaceExhibitHelper.CreateExhibit(system.Id, interfaceDto.Id);

            //Assert
            var interfaceResult = await InterfaceHelper.GetInterfaceById(interfaceDto.Id);

            var systemResult = await ItSystemHelper.GetSystemAsync(system.Id);

            Assert.Equal(systemResult.BelongsToName, interfaceResult.BelongsToName);
        }
Beispiel #21
0
        public async Task Can_Change_HostedAtOptions()
        {
            //Arrange
            var       hostedAtOption = A <HostedAt>();
            var       body           = new { HostedAt = hostedAtOption };
            const int organizationId = TestEnvironment.DefaultOrganizationId;

            var system = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <string>(), organizationId, AccessModifier.Public);

            var usage = await ItSystemHelper.TakeIntoUseAsync(system.Id, system.OrganizationId);

            //Act
            var itSystemUsageDTO = await ItSystemUsageHelper.PatchSystemUsage(usage.Id, organizationId, body);

            //Assert
            Assert.NotNull(itSystemUsageDTO.HostedAt);
            Assert.Equal(hostedAtOption, itSystemUsageDTO.HostedAt.Value);
        }
Beispiel #22
0
        public async Task Cannot_Delete_System_In_Use(OrganizationRole role)
        {
            //Arrange
            var login = await HttpApi.GetCookieAsync(role);

            const int organizationId = TestEnvironment.DefaultOrganizationId;

            var system = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <string>(), organizationId, AccessModifier.Public);

            await ItSystemHelper.TakeIntoUseAsync(system.Id, organizationId);

            //Act
            using (var result = await ItSystemHelper.DeleteItSystemAsync(system.Id, organizationId, login))
            {
                //Assert
                await AssertCorrectConflictResponseAsync(SystemDeleteConflict.InUse, result, system.Id);
            }
        }
Beispiel #23
0
        public async Task Can_Get_GDPRExportReport_With_Fresh_Usage()
        {
            //Arrange
            const int organizationId = TestEnvironment.DefaultOrganizationId;
            var       system         = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <string>(), organizationId, AccessModifier.Public);

            var usage = await ItSystemHelper.TakeIntoUseAsync(system.Id, organizationId);

            var expectedUsage = await ItSystemHelper.GetItSystemUsage(usage.Id);

            //Act
            var report = await ItSystemUsageHelper.GetGDPRExportReport(organizationId);

            //Assert
            var gdprExportReport = Assert.Single(report.Where(x => x.Name == system.Name));

            AssertCorrectGdprExportReport(expectedUsage, gdprExportReport, false);
            AssertEmptyString(gdprExportReport.SensitiveDataTypes);
        }
Beispiel #24
0
        private async Task <CreateSystemRelationDTO> PrepareFullRelationAsync(bool withContract, bool withFrequency, bool withInterface)
        {
            var system1 = await ItSystemHelper.CreateItSystemInOrganizationAsync(CreateName(), OrganizationId, AccessModifier.Public);

            var system2 = await ItSystemHelper.CreateItSystemInOrganizationAsync(CreateName(), OrganizationId, AccessModifier.Public);

            var usage1 = await ItSystemHelper.TakeIntoUseAsync(system1.Id, OrganizationId);

            var usage2 = await ItSystemHelper.TakeIntoUseAsync(system2.Id, OrganizationId);

            var targetInterface = Maybe <ItInterfaceDTO> .None;

            if (withInterface)
            {
                targetInterface = await InterfaceHelper.CreateInterface(InterfaceHelper.CreateInterfaceDto(CreateName(), CreateName(), OrganizationId, AccessModifier.Public));

                await InterfaceExhibitHelper.CreateExhibit(system2.Id, targetInterface.Value.Id);
            }

            var contract = withContract ? await ItContractHelper.CreateContract(CreateName(), OrganizationId) : Maybe <ItContractDTO> .None;

            var targetFrequencyTypeId = withFrequency ? DatabaseAccess.MapFromEntitySet <RelationFrequencyType, int>(repo =>
            {
                var first = repo
                            .AsQueryable()
                            .First(x => x.IsEnabled);
                return(first.Id);
            }) : default(int?);

            var input = new CreateSystemRelationDTO
            {
                FromUsageId     = usage1.Id,
                ToUsageId       = usage2.Id,
                ContractId      = contract.Select <int?>(x => x.Id).GetValueOrDefault(),
                InterfaceId     = targetInterface.Select <int?>(x => x.Id).GetValueOrDefault(),
                Description     = A <string>(),
                Reference       = A <string>(),
                FrequencyTypeId = targetFrequencyTypeId
            };

            return(input);
        }
Beispiel #25
0
        public async Task Can_Delete_System_With_Task_Ref(OrganizationRole role)
        {
            //Arrange
            var login = await HttpApi.GetCookieAsync(role);

            const int organizationId = TestEnvironment.DefaultOrganizationId;
            const int taskRefId      = TestEnvironment.DefaultTaskRefId;

            var system = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <string>(), organizationId, AccessModifier.Public);

            await ItSystemHelper.SendSetTaskRefOnSystemRequestAsync(system.Id, taskRefId, organizationId, login);

            //Act
            using (var result = await ItSystemHelper.DeleteItSystemAsync(system.Id, organizationId, login))
            {
                //Assert
                Assert.Equal(HttpStatusCode.OK, result.StatusCode);
                await AssertSystemDeletedAsync(system.Id);
            }
        }
Beispiel #26
0
        public async Task Cannot_Delete_System_With_Child_Systems(OrganizationRole role)
        {
            //Arrange
            var login = await HttpApi.GetCookieAsync(role);

            const int organizationId = TestEnvironment.DefaultOrganizationId;

            var mainSystem = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <string>(), organizationId, AccessModifier.Public);

            var childSystem = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <string>(), organizationId, AccessModifier.Public);

            await ItSystemHelper.SendSetParentSystemRequestAsync(childSystem.Id, mainSystem.Id, organizationId, login);

            //Act
            using (var result = await ItSystemHelper.DeleteItSystemAsync(mainSystem.Id, organizationId, login))
            {
                //Assert
                await AssertCorrectConflictResponseAsync(SystemDeleteConflict.HasChildren, result, mainSystem.Id);
            }
        }
Beispiel #27
0
        public async Task Can_Assign_And_Remove_System()
        {
            //Arrange
            var       systemPrefix   = A <Guid>().ToString("N");
            const int organizationId = TestEnvironment.DefaultOrganizationId;
            var       system1Name    = $"{systemPrefix}{1}";
            var       registration   = await DataProcessingRegistrationHelper.CreateAsync(organizationId, A <string>());

            var system = await ItSystemHelper.CreateItSystemInOrganizationAsync(system1Name, organizationId, AccessModifier.Public);

            var usage = await ItSystemHelper.TakeIntoUseAsync(system.Id, organizationId);

            //Act - Add
            using var assignResponse = await DataProcessingRegistrationHelper.SendAssignSystemRequestAsync(registration.Id, usage.Id);

            using var duplicateResponse = await DataProcessingRegistrationHelper.SendAssignSystemRequestAsync(registration.Id, usage.Id);

            //Assert
            Assert.Equal(HttpStatusCode.OK, assignResponse.StatusCode);
            Assert.Equal(HttpStatusCode.Conflict, duplicateResponse.StatusCode);
            var dto = await DataProcessingRegistrationHelper.GetAsync(registration.Id);

            var systemDTO = Assert.Single(dto.ItSystems);

            Assert.Equal(usage.Id, systemDTO.Id);
            Assert.Equal(system.Name, systemDTO.Name);

            //Act - remove
            using var removeResponse = await DataProcessingRegistrationHelper.SendRemoveSystemRequestAsync(registration.Id, usage.Id);

            using var duplicateRemoveResponse = await DataProcessingRegistrationHelper.SendRemoveSystemRequestAsync(registration.Id, usage.Id);

            //Assert
            Assert.Equal(HttpStatusCode.OK, removeResponse.StatusCode);
            Assert.Equal(HttpStatusCode.BadRequest, duplicateRemoveResponse.StatusCode);
            dto = await DataProcessingRegistrationHelper.GetAsync(registration.Id);

            Assert.Empty(dto.ItSystems);
        }
Beispiel #28
0
        public async Task Cannot_Remove_SensitiveDataLevel_If_Level_Does_Not_Exists()
        {
            //Arrange
            var cookie = await HttpApi.GetCookieAsync(OrganizationRole.GlobalAdmin);

            const int organizationId = TestEnvironment.DefaultOrganizationId;

            var system = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <string>(), organizationId, AccessModifier.Public);

            var usage = await ItSystemHelper.TakeIntoUseAsync(system.Id, system.OrganizationId);

            //Act
            using (var result = await HttpApi.PatchWithCookieAsync(
                       TestEnvironment.CreateUrl(
                           $"api/v1/itsystemusage/{usage.Id}/sensitivityLevel/remove"), cookie, A <SensitiveDataLevel>()))
            {
                //Assert
                Assert.Equal(HttpStatusCode.BadRequest, result.StatusCode);
                var notUpdatedUsage = await ItSystemHelper.GetItSystemUsage(usage.Id);

                Assert.Empty(notUpdatedUsage.SensitiveDataLevels);
            }
        }
Beispiel #29
0
        public async Task Put_Removes_Obsoleted_And_Removes_Usages_And_Opt_Out_In_SystemUsages()
        {
            //Arrange
            await PrepareForDetailedTest();

            var systemDto = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <string>(), TestEnvironment.DefaultOrganizationId, AccessModifier.Public);

            //Add some task refs to a system, and an opt out in the system usage as well as additional task refs
            MutateDatabase(context =>
            {
                using (var taskRefs = new GenericRepository <TaskRef>(context))
                    using (var systems = new GenericRepository <Core.DomainModel.ItSystem.ItSystem>(context))
                    {
                        var itSystem = systems.GetByKey(systemDto.Id);
                        var toKeep   = taskRefs.AsQueryable().OrderBy(x => x.Id).Take(2).ToList();
                        toKeep.ForEach(itSystem.TaskRefs.Add);
                        systems.Save();
                    }
            });

            //Take system into use and add additional task refs as well as an opt out
            var usage = await ItSystemHelper.TakeIntoUseAsync(systemDto.Id, TestEnvironment.DefaultOrganizationId);

            MutateDatabase(context =>
            {
                using (var taskRefs = new GenericRepository <TaskRef>(context))
                    using (var systems = new GenericRepository <ItSystemUsage>(context))
                    {
                        var systemUsage = systems.GetByKey(usage.Id);
                        var toOptOut    = taskRefs.AsQueryable().OrderBy(x => x.Id).Skip(1).First();
                        var additional  = taskRefs.AsQueryable().OrderBy(x => x.Id).Skip(2).First();
                        systemUsage.TaskRefs.Add(additional);
                        systemUsage.TaskRefsOptOut.Add(toOptOut);
                        systems.Save();
                    }
            });

            var(expectedTaskRefKeys, expectedInheritedKeys, expectedOptOutKeys) = GetSystemUsageTasks(usage.Id);
            Assert.Equal(1, expectedTaskRefKeys.Count);
            Assert.Equal(2, expectedInheritedKeys.Count);
            Assert.Equal(1, expectedOptOutKeys.Count);

            //Add some additional which will be removed by import .. both to main system, opt out and local
            MutateDatabase(db =>
            {
                using (var systems = new GenericRepository <Core.DomainModel.ItSystem.ItSystem>(db))
                    using (var usages = new GenericRepository <ItSystemUsage>(db))
                        using (var taskRefs = new GenericRepository <TaskRef>(db))
                        {
                            var reference          = taskRefs.AsQueryable().First();
                            var objectOwnerId      = reference.ObjectOwnerId;
                            var organizationUnitId = reference.OwnedByOrganizationUnitId;
                            var taskRef1           = taskRefs.Insert(CreateTaskRef(objectOwnerId, organizationUnitId));
                            var taskRef2           = taskRefs.Insert(CreateTaskRef(objectOwnerId, organizationUnitId));
                            var taskRef3           = taskRefs.Insert(CreateTaskRef(objectOwnerId, organizationUnitId));
                            taskRefs.Save();

                            //Add inherited key which should be removed
                            var system = systems.GetByKey(systemDto.Id);
                            system.TaskRefs.Add(taskRef1);
                            systems.Save();

                            //Add additional task ref and opt out which should be removed
                            var systemUsage = usages.GetByKey(usage.Id);
                            systemUsage.TaskRefs.Add(taskRef2);
                            systemUsage.TaskRefsOptOut.Add(taskRef3);
                            usages.Save();
                        }
            });

            //Act
            await PutKle();

            //Assert
            var(actualTaskRefKeys, actualInheritedKeys, actualOptOutKeys) = GetSystemUsageTasks(usage.Id);
            VerifyTaskRefUsageKeys(expectedTaskRefKeys, actualTaskRefKeys);
            VerifyTaskRefUsageKeys(expectedInheritedKeys, actualInheritedKeys);
            VerifyTaskRefUsageKeys(expectedOptOutKeys, actualOptOutKeys);
        }
        public async Task ReadModels_Contain_Correct_Content()
        {
            //Arrange
            var name                 = A <string>();
            var dpName               = $"Dp:{name}";
            var subDpName            = $"Sub_Dp:{name}";
            var systemName           = $"SYSTEM:{name}";
            var contractName         = $"CONTRACT:{name}";
            var refName              = $"REF:{name}";
            var refUserAssignedId    = $"REF:{name}EXT_ID";
            var refUrl               = $"https://www.test-rm{A<uint>()}.dk";
            var refDisp              = A <Display>();
            var organizationId       = TestEnvironment.DefaultOrganizationId;
            var isAgreementConcluded = A <YesNoIrrelevantOption>();
            var oversightInterval    = A <YearMonthIntervalOption>();
            var oversightCompleted   = A <YesNoUndecidedOption>();
            var oversightDate        = A <DateTime>();
            var oversightRemark      = A <string>();

            Console.Out.WriteLine($"Testing in the context of DPR with name:{name}");

            var dataProcessor = await OrganizationHelper.CreateOrganizationAsync(organizationId, dpName, "22334455", OrganizationTypeKeys.Virksomhed, AccessModifier.Public);

            var subDataProcessor = await OrganizationHelper.CreateOrganizationAsync(organizationId, subDpName, "22314455", OrganizationTypeKeys.Virksomhed, AccessModifier.Public);

            var registration = await DataProcessingRegistrationHelper.CreateAsync(organizationId, name);

            await DataProcessingRegistrationHelper.SendChangeOversightIntervalOptionRequestAsync(registration.Id, oversightInterval);

            await DataProcessingRegistrationHelper.SendChangeIsOversightCompletedRequestAsync(registration.Id, oversightCompleted);

            var businessRoleDtos = await DataProcessingRegistrationHelper.GetAvailableRolesAsync(registration.Id);

            var role           = businessRoleDtos.First();
            var availableUsers = await DataProcessingRegistrationHelper.GetAvailableUsersAsync(registration.Id, role.Id);

            var user = availableUsers.First();

            _testOutputHelper.WriteLine($"Attempting to assign user {user.Id}:{user.Email} as role {role.Id}:{role.Name} in dpr {registration.Id}:{registration.Name}");
            using var response = await DataProcessingRegistrationHelper.SendAssignRoleRequestAsync(registration.Id, role.Id, user.Id);

            Assert.Equal(HttpStatusCode.OK, response.StatusCode);

            //Basis for transfer
            var options          = (await DataProcessingRegistrationHelper.GetBasisForTransferOptionsAsync(TestEnvironment.DefaultOrganizationId)).ToList();
            var basisForTransfer = options[Math.Abs(A <int>()) % options.Count];

            using var assignResponse = await DataProcessingRegistrationHelper.SendAssignBasisForTransferRequestAsync(registration.Id, basisForTransfer.Id);

            Assert.Equal(HttpStatusCode.OK, assignResponse.StatusCode);

            //Enable and set third country
            var transferToThirdCountries = A <YesNoUndecidedOption>();

            using var setInsecureCountryStateResponse = await DataProcessingRegistrationHelper.SendSetUseTransferToInsecureThirdCountriesStateRequestAsync(registration.Id, transferToThirdCountries);

            Assert.Equal(HttpStatusCode.OK, setInsecureCountryStateResponse.StatusCode);

            //Set data responsible
            var dataOptions = await DataProcessingRegistrationHelper.GetAvailableOptionsRequestAsync(organizationId);

            var dataResponsibleOption = dataOptions.DataResponsibleOptions.First();

            using var setDataResponsibleResponse = await DataProcessingRegistrationHelper.SendAssignDataResponsibleRequestAsync(registration.Id, dataResponsibleOption.Id);

            Assert.Equal(HttpStatusCode.OK, setDataResponsibleResponse.StatusCode);

            //Set oversight option
            var oversightOption = dataOptions.OversightOptions.First();

            using var setOversightOptionResponse = await DataProcessingRegistrationHelper.SendAssignOversightOptionRequestAsync(registration.Id, oversightOption.Id);

            Assert.Equal(HttpStatusCode.OK, setDataResponsibleResponse.StatusCode);

            //Enable and set sub processors
            using var setStateRequest = await DataProcessingRegistrationHelper.SendSetUseSubDataProcessorsStateRequestAsync(registration.Id, YesNoUndecidedOption.Yes);

            Assert.Equal(HttpStatusCode.OK, setStateRequest.StatusCode);

            using var sendAssignDataProcessorRequestAsync = await DataProcessingRegistrationHelper.SendAssignDataProcessorRequestAsync(registration.Id, dataProcessor.Id);

            Assert.Equal(HttpStatusCode.OK, sendAssignDataProcessorRequestAsync.StatusCode);

            using var sendAssignSubDataProcessorRequestAsync = await DataProcessingRegistrationHelper.SendAssignSubDataProcessorRequestAsync(registration.Id, subDataProcessor.Id);

            Assert.Equal(HttpStatusCode.OK, sendAssignSubDataProcessorRequestAsync.StatusCode);

            //Concluded state
            await DataProcessingRegistrationHelper.SendChangeIsAgreementConcludedRequestAsync(registration.Id, isAgreementConcluded);

            //Latest oversight date
            await DataProcessingRegistrationHelper.SendAssignOversightDateRequestAsync(registration.Id, oversightDate, oversightRemark);

            //References
            await ReferencesHelper.CreateReferenceAsync(refName, refUserAssignedId, refUrl, refDisp, dto => dto.DataProcessingRegistration_Id = registration.Id);

            //Systems
            var itSystemDto = await ItSystemHelper.CreateItSystemInOrganizationAsync(systemName, organizationId, AccessModifier.Public);

            var usage = await ItSystemHelper.TakeIntoUseAsync(itSystemDto.Id, organizationId);

            using var assignSystemResponse = await DataProcessingRegistrationHelper.SendAssignSystemRequestAsync(registration.Id, usage.Id);

            Assert.Equal(HttpStatusCode.OK, assignSystemResponse.StatusCode);

            //Contracts
            var contractDto = await ItContractHelper.CreateContract(contractName, organizationId);

            using var assignDataProcessingResponse = await ItContractHelper.SendAssignDataProcessingRegistrationAsync(contractDto.Id, registration.Id);

            Assert.Equal(HttpStatusCode.OK, assignDataProcessingResponse.StatusCode);

            //Wait for read model to rebuild (wait for the LAST mutation)
            await WaitForReadModelQueueDepletion();

            Console.Out.WriteLine("Read models are up to date");

            //Act
            var readModels = (await DataProcessingRegistrationHelper.QueryReadModelByNameContent(organizationId, name, 1, 0)).ToList();

            //Assert
            var readModel = Assert.Single(readModels);

            Console.Out.WriteLine("Read model found");
            Assert.Equal(name, readModel.Name);
            Assert.Equal(registration.Id, readModel.SourceEntityId);
            Assert.Equal(refName, readModel.MainReferenceTitle);
            Assert.Equal(refUrl, readModel.MainReferenceUrl);
            Assert.Equal(refUserAssignedId, readModel.MainReferenceUserAssignedId);
            Assert.Equal(oversightInterval, readModel.OversightInterval);
            Assert.Equal(oversightCompleted, readModel.IsOversightCompleted);
            Assert.Equal(dataProcessor.Name, readModel.DataProcessorNamesAsCsv);
            Assert.Equal(subDataProcessor.Name, readModel.SubDataProcessorNamesAsCsv);
            Assert.Equal(isAgreementConcluded, readModel.IsAgreementConcluded);
            Assert.Equal(transferToThirdCountries, readModel.TransferToInsecureThirdCountries);
            Assert.Equal(basisForTransfer.Name, readModel.BasisForTransfer);
            Assert.Equal(dataResponsibleOption.Name, readModel.DataResponsible);
            Assert.Equal(oversightOption.Name, readModel.OversightOptionNamesAsCsv);
            Assert.Equal(contractName, readModel.ContractNamesAsCsv);
            Assert.Equal(systemName, readModel.SystemNamesAsCsv);
            Assert.Equal(oversightDate, readModel.LatestOversightDate);

            Console.Out.WriteLine("Flat values asserted");
            Console.Out.WriteLine("Asserting role assignments");

            var roleAssignment = Assert.Single(readModel.RoleAssignments);

            Console.Out.WriteLine("Found one role assignment as expected");

            Assert.Equal(role.Id, roleAssignment.RoleId);
            Assert.Equal(user.Id, roleAssignment.UserId);
            Assert.Equal(user.Name, roleAssignment.UserFullName);

            Console.Out.WriteLine("Role data verified");

            //Assert that the source object can be deleted and that the readmodel is gone now
            var deleteResponse = await DataProcessingRegistrationHelper.SendDeleteRequestAsync(registration.Id);

            Assert.Equal(HttpStatusCode.OK, deleteResponse.StatusCode);

            readModels = (await DataProcessingRegistrationHelper.QueryReadModelByNameContent(organizationId, name, 1, 0)).ToList();
            Assert.Empty(readModels);
        }