public void Should_be_successful_when_delegate_returns_success()
        {
            // Arrange
            Func<DelegateSecurityContext, PolicyResult> successDelegate = c => PolicyResult.CreateSuccessResult(c.Policy);
            var policy = new DelegatePolicy(ValidPolicyName, successDelegate, ValidViolationHandlerDelegate);
            var context = TestDataFactory.CreateSecurityContext(true);

            // Act
            var result = policy.Enforce(context);

            // Assert
            Assert.That(result, Is.TypeOf<DelegatePolicyResult>());
            Assert.That(result.ViolationOccured, Is.False);
        }
        public void Should_throw_when_no_violation_handler_has_been_set_and_no_violation_handler_match_name()
        {
            // Arrange
            var violationHandlers = Enumerable.Empty<IPolicyViolationHandler>();
            var failureResult = PolicyResult.CreateFailureResult(new IgnorePolicy(), "Access denied");
            var policy = new DelegatePolicy("Test", c => failureResult);
            var delegatePolicyResult = new DelegatePolicyResult(failureResult, policy.Name, policy.ViolationHandler);
            var exception = new PolicyViolationException(delegatePolicyResult);
            var handler = new DelegatePolicyViolationHandler(violationHandlers);

            // Act & assert
            var caughtException = Assert.Throws<PolicyViolationException>(() => handler.Handle(exception));
            Assert.That(caughtException, Is.EqualTo(exception));
        }
        public void Should_not_be_successful_when_delegate_returns_failure()
        {
            // Arrange
            Func<DelegateSecurityContext, PolicyResult> failureDelegate = c => PolicyResult.CreateFailureResult(c.Policy, "Access denied");
            var policy = new DelegatePolicy(ValidPolicyName, failureDelegate, ValidViolationHandlerDelegate);
            var context = TestDataFactory.CreateSecurityContext(true);

            // Act
            var result = policy.Enforce(context);

            // Assert
            Assert.That(result, Is.TypeOf<DelegatePolicyResult>());
            Assert.That(result.ViolationOccured, Is.True);
            Assert.That(result.Message, Is.EqualTo("Access denied"));
        }
        public void Should_return_action_result_from_explicitly_set_violation_handler()
        {
            // Arrange
            var violationHandlers = Enumerable.Empty<IPolicyViolationHandler>();
            var expectedResult = new ContentResult { Content = "Some content" };
            var failureResult = PolicyResult.CreateFailureResult(new IgnorePolicy(), "Access denied");
            var policy = new DelegatePolicy("Test", c => failureResult, e => expectedResult);
            var delegatePolicyResult = new DelegatePolicyResult(failureResult, policy.Name, policy.ViolationHandler);
            var exception = new PolicyViolationException(delegatePolicyResult);
            var handler = new DelegatePolicyViolationHandler(violationHandlers);

            // Act
            var result = handler.Handle(exception);

            // Assert
            Assert.That(result, Is.EqualTo(expectedResult));
        }
        public void Should_pass_wrapped_security_context_to_delegate()
        {
            // Arrange
            DelegateSecurityContext delegateContext = null;
            Func<DelegateSecurityContext, PolicyResult> successDelegate = c =>
            {
                delegateContext = c;
                return PolicyResult.CreateSuccessResult(c.Policy);
            };

            var policy = new DelegatePolicy(ValidPolicyName, successDelegate, ValidViolationHandlerDelegate);
            var context = TestDataFactory.CreateSecurityContext(true);

            // Act
            policy.Enforce(context);

            // Assert
            Assert.That(typeof(ISecurityContext).IsAssignableFrom(delegateContext.GetType()), Is.True);
            Assert.That(delegateContext.CurrenUserAuthenticated(), Is.EqualTo(context.CurrenUserAuthenticated()));
            Assert.That(delegateContext.CurrenUserRoles(), Is.EqualTo(context.CurrenUserRoles()));
        }
        public void Should_return_action_result_from_violation_handler_that_match_name()
        {
            // Arrange
            var nonMatchingNameViolationHandler = new NonMatchingNameViolationHandler();
            var matchingNameViolationHandler = new MatchingNameViolationHandler();
            var violationHandlers = new List<IPolicyViolationHandler>
            {
                nonMatchingNameViolationHandler,
                matchingNameViolationHandler
            };
            var failureResult = PolicyResult.CreateFailureResult(new IgnorePolicy(), "Access denied");
            var policy = new DelegatePolicy("MatchingName", c => failureResult);
            var delegatePolicyResult = new DelegatePolicyResult(failureResult, policy.Name, policy.ViolationHandler);
            var exception = new PolicyViolationException(delegatePolicyResult);
            var handler = new DelegatePolicyViolationHandler(violationHandlers);

            // Act
            var result = handler.Handle(exception);

            // Assert
            Assert.That(result, Is.EqualTo(matchingNameViolationHandler.ActionResult));
        }
        public void Should_return_expected_name()
        {
            // Arrange
            const string expectedName = "DelegatePolicyName";
            var policy = new DelegatePolicy(expectedName, ValidPolicyDelegate, ValidViolationHandlerDelegate);

            // Act
            var name = policy.Name;

            // Assert
            Assert.That(name, Is.EqualTo(expectedName));
        }
        public void Should_have_expected_delegate()
        {
            // Arrange
            var expectedDelegate = ValidViolationHandlerDelegate;

            // Act
            var policy = new DelegatePolicy(ValidPolicyName, ValidPolicyDelegate, expectedDelegate);

            // Assert
            Assert.That(policy.ViolationHandler, Is.EqualTo(expectedDelegate));
        }
        public void Should_not_have_delegate_set_for_violation_handler()
        {
            // Act
            var policy = new DelegatePolicy(ValidPolicyName, ValidPolicyDelegate, null);

            // Assert
            Assert.That(policy.ViolationHandler, Is.Null);
        }