Ejemplo n.º 1
0
    public async Task <ActionResult> DeleteMembership([FromRoute] int membershipId, CancellationToken cancellationToken = default)
    {
        // Check if the membership exists
        MembershipExistsQuery existsQuery = new MembershipExistsQuery {
            GroupMembershipId = membershipId
        };

        bool exists = await _mediator.Send(existsQuery, cancellationToken);

        if (!exists)
        {
            return(NotFound(new ErrorResource
            {
                StatusCode = StatusCodes.Status404NotFound,
                Message = $"Membership with ID '{membershipId}' does not exist"
            }));
        }

        // Check if the user is permitted to delete
        CanDeleteMembershipQuery canDeleteQuery = new CanDeleteMembershipQuery {
            GroupMembershipIdToDelete = membershipId
        };
        bool canDelete = await _mediator.Send(canDeleteQuery, cancellationToken);

        if (!canDelete)
        {
            return(StatusCode(StatusCodes.Status403Forbidden, new ErrorResource
            {
                StatusCode = StatusCodes.Status403Forbidden,
                Message = "You are not permitted to delete users from this group. This privilege is only granted to administrators of the group"
            }));
        }

        // Delete the membership
        DeleteMembershipCommand deleteCommand = new DeleteMembershipCommand {
            GroupMembershipId = membershipId
        };

        await _mediator.Send(deleteCommand, cancellationToken);

        return(NoContent());
    }
Ejemplo n.º 2
0
        public async Task CanDeleteMembershipQueryHandler_ShouldReturnFalse_WhenUserIsNotPermitted()
        {
            // Arrange
            CanDeleteMembershipQuery request = new CanDeleteMembershipQuery
            {
                GroupMembershipIdToDelete = 1
            };

            _unitOfWorkMock
            .Setup(m => m.GroupMemberships.CanDeleteMembership(1, request.GroupMembershipIdToDelete, It.IsAny <CancellationToken>()))
            .ReturnsAsync(false);

            CanDeleteMembershipQuery.Handler handler = new CanDeleteMembershipQuery.Handler(_unitOfWorkMock.Object, _userProviderMock.Object);

            // Act
            bool canDelete = await handler.Handle(request);

            // Assert
            Assert.False(canDelete);
        }