public void Does_not_allow_RequiredRole_service_with_CredentialsAuth_without_Role()
{
try
{
var client = GetClient();
var authResponse = client.Send(
new Authenticate
{
provider = CredentialsAuthProvider.Name,
UserName = "******", // Does not have Role
Password = "******",
RememberMe = true,
});
var request = new RequiresRole {
Name = "test"
};
var response = client.Send <RequiresRoleResponse>(request);
Assert.Fail("Should Throw");
}
catch (WebServiceException webEx)
{
Assert.That(webEx.StatusCode, Is.EqualTo((int)HttpStatusCode.Forbidden));
}
}
public void Can_call_RequiredRole_service_with_CredentialsAuth_with_Role()
{
try
{
var client = GetClient();
var authResponse = client.Send(
new Authenticate
{
provider = CredentialsAuthProvider.Name,
UserName = UserName, // Has Role
Password = Password,
RememberMe = true,
});
var request = new RequiresRole {
Name = "test"
};
var response = client.Send <RequiresRoleResponse>(request);
Assert.That(response.Result, Is.EqualTo(request.Name));
}
catch (WebServiceException webEx)
{
Assert.Fail(webEx.Message);
}
}
public void Can_call_RequiredRole_service_with_BasicAuth()
{
try
{
var client = GetClientWithUserPassword();
var request = new RequiresRole {
Name = "test"
};
var response = client.Send <RequiresRoleResponse>(request);
Assert.That(response.Result, Is.EqualTo(request.Name));
}
catch (WebServiceException webEx)
{
Assert.Fail(webEx.Message);
}
}
public void RequiredRole_service_returns_unauthorized_if_no_basic_auth_header_exists()
{
try
{
var client = GetClient();
var request = new RequiresRole {
Name = "test"
};
var response = client.Send <RequiresRoleResponse>(request);
Assert.Fail();
}
catch (WebServiceException webEx)
{
Assert.That(webEx.StatusCode, Is.EqualTo((int)HttpStatusCode.Unauthorized));
Console.WriteLine(webEx.ResponseDto.Dump());
}
}
public void RequiredRole_service_returns_forbidden_if_basic_auth_header_exists()
{
try
{
var client = GetClient();
((ServiceClientBase)client).UserName = EmailBasedUsername;
((ServiceClientBase)client).Password = PasswordForEmailBasedAccount;
var request = new RequiresRole {
Name = "test"
};
var response = client.Send <RequiresRoleResponse>(request);
Assert.Fail();
}
catch (WebServiceException webEx)
{
Assert.That(webEx.StatusCode, Is.EqualTo((int)HttpStatusCode.Forbidden));
Console.WriteLine(webEx.ResponseDto.Dump());
}
}
public object Any(RequiresRole request)
{
return(new RequiresRoleResponse {
Result = request.Name
});
}
