// Success path: an Admin principal updates an existing experience and the save succeeds,
// so the action is expected to answer with 204 No Content.
// NOTE(review): `async void` is kept to preserve the signature; returning Task is the safer form for async tests.
public async void UpdateOneExperience_NoContent()
{
    // arrange: request payload and target id
    var experienceId = Guid.NewGuid();
    var editDto = new EditExperienceDto() { Address = "hejhej" };

    // arrange: the lookup yields the GetOneAsyncTest fixture and the save reports success
    mockRepo
        .Setup(repo => repo.GetFirstByExpressionAsync(It.IsAny<Expression<Func<Experience, bool>>>()))
        .ReturnsAsync(GetOneAsyncTest);
    mockRepo
        .Setup(repo => repo.GetCategoryByNameAsync(It.IsAny<string>()))
        .ReturnsAsync(() => new Category() { Id = Guid.NewGuid() });
    mockRepo
        .Setup(repo => repo.SaveAsync())
        .ReturnsAsync(() => true);

    // arrange: caller carries only the Admin role, so the ownership branch for Roles.User is not taken
    var adminIdentity = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Role, "Admin") }, "mock");
    var httpContext = new DefaultHttpContext() { User = new ClaimsPrincipal(adminIdentity) };
    controller.ControllerContext = new ControllerContext() { HttpContext = httpContext };

    // act
    var actionResult = await controller.UpdateOneExperience(experienceId, editDto);

    // assert
    Assert.IsAssignableFrom<NoContentResult>(actionResult);
}
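/// <summary>
/// Applies the fields of <paramref name="updatedExpr"/> to the stored experience identified by
/// <paramref name="id"/> and persists the result.
/// </summary>
/// <param name="id">Route id of the experience to edit.</param>
/// <param name="updatedExpr">Request body holding the new values.</param>
/// <returns>
/// 204 on success; 404 with an <c>ErrorObject</c> when no experience matches <paramref name="id"/>;
/// 401 with an <c>ErrorObject</c> when a caller in <c>Roles.User</c> does not own the experience or
/// carries no usable <c>profileId</c> claim; 500 with an <c>ErrorObject</c> when saving fails.
/// </returns>
public async Task<IActionResult> UpdateOneExperience([FromRoute] Guid id, [FromBody] EditExperienceDto updatedExpr)
{
    // Every error response of this action uses the same envelope; only status and message vary.
    ErrorObject BuildError(int statusCode, string message) => new ErrorObject()
    {
        Method = "PUT",
        At = $"/api/experiences/{id}",
        StatusCode = statusCode,
        Error = message
    };

    // retrieve the experience to update
    var exprFromDb = await _experienceRepository.GetFirstByExpressionAsync(x => x.Id == id);

    // if the experience does not exist return an error
    if (exprFromDb == null)
    {
        return NotFound(BuildError(404, "Could not find experience to edit"));
    }

    // A caller in the User role may only update an experience that belongs to their own profile.
    // NOTE(review): only Roles.User is ownership-checked; any other principal that reaches this
    // action falls through to the update. Presumably an authorization attribute outside this
    // block limits which roles get here - confirm.
    if (User.IsInRole(Roles.User))
    {
        // Fail closed: a missing or malformed profileId claim is treated exactly like a
        // non-matching one. Previously a missing claim dereferenced null and a malformed one
        // made Guid.Parse throw, turning an authorization failure into an unhandled exception.
        var profileIdClaim = User.Claims.FirstOrDefault(x => x.Type == "profileId")?.Value;
        var callerOwnsExperience = Guid.TryParse(profileIdClaim, out var callerProfileId)
            && callerProfileId == exprFromDb.ProfileId;

        if (!callerOwnsExperience)
        {
            // 401 is kept because it is this action's established response for this case;
            // an authenticated caller lacking permission is semantically a 403.
            return Unauthorized(BuildError(401, "Unauthorized to perform this action"));
        }
    }

    // map the changes onto the entity loaded from the database
    // NOTE(review): whether ownership fields such as ProfileId can be overwritten here depends on
    // the shape of EditExperienceDto and the mapping configuration, neither visible in this
    // block - confirm they are excluded from the mapping.
    _mapper.Map(updatedExpr, exprFromDb);

    // NOTE(review): local time is stored; confirm whether ModifiedOn is meant to be UTC.
    exprFromDb.ModifiedOn = DateTime.Now;

    // stage the changed entity and persist it
    _experienceRepository.Update(exprFromDb);

    if (!await _experienceRepository.SaveAsync())
    {
        var errMsg = "Error updating an experience";
        _logger.Error(errMsg);
        return StatusCode(500, BuildError(500, errMsg));
    }

    return NoContent();
}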
// Lookup miss: the repository yields null, so the action is expected to answer with a
// 404 ErrorObject describing the failed PUT.
// No ControllerContext is assigned here; the action returns before it reads User.
// NOTE(review): `async void` is kept to preserve the signature; returning Task is the safer form for async tests.
public async void UpdateOneExperience_NotFound()
{
    // arrange
    var experienceId = Guid.NewGuid();
    var editDto = new EditExperienceDto() { Address = "hejhej" };
    mockRepo
        .Setup(repo => repo.GetFirstByExpressionAsync(It.IsAny<Expression<Func<Experience, bool>>>()))
        .ReturnsAsync(() => null);

    // act
    var actionResult = await controller.UpdateOneExperience(experienceId, editDto);

    // assert: result type first, then every field of the error envelope
    var notFound = Assert.IsAssignableFrom<NotFoundObjectResult>(actionResult);
    var error = Assert.IsType<ErrorObject>(notFound.Value);
    Assert.Equal("Could not find experience to edit", error.Error);
    Assert.Equal("PUT", error.Method);
    Assert.Equal($"/api/experiences/{experienceId}", error.At);
    Assert.Equal(404, error.StatusCode);
}
// Persistence failure: the experience is found and the caller is an Admin, but SaveAsync
// reports false, so the action is expected to answer with a 500 ErrorObject.
// NOTE(review): `async void` is kept to preserve the signature; returning Task is the safer form for async tests.
public async void UpdateOneExperience_Problem()
{
    // arrange: the lookup yields the GetOneAsyncTest fixture, the save fails
    mockRepo
        .Setup(repo => repo.GetFirstByExpressionAsync(It.IsAny<Expression<Func<Experience, bool>>>()))
        .ReturnsAsync(GetOneAsyncTest);
    mockRepo
        .Setup(repo => repo.GetCategoryByNameAsync(It.IsAny<string>()))
        .ReturnsAsync(() => new Category() { Id = Guid.NewGuid() });
    mockRepo
        .Setup(repo => repo.SaveAsync())
        .ReturnsAsync(() => false);

    var experienceId = Guid.NewGuid();
    var editDto = new EditExperienceDto() { Address = "hejhej" };

    // arrange: caller carries only the Admin role, so the ownership branch for Roles.User is not taken
    var adminIdentity = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Role, "Admin") }, "mock");
    var httpContext = new DefaultHttpContext() { User = new ClaimsPrincipal(adminIdentity) };
    controller.ControllerContext = new ControllerContext() { HttpContext = httpContext };

    // act
    var actionResult = await controller.UpdateOneExperience(experienceId, editDto);

    // assert: result type first, then every field of the error envelope
    var objectResult = Assert.IsAssignableFrom<ObjectResult>(actionResult);
    var error = Assert.IsType<ErrorObject>(objectResult.Value);
    Assert.Equal("Error updating an experience", error.Error);
    Assert.Equal("PUT", error.Method);
    Assert.Equal($"/api/experiences/{experienceId}", error.At);
    Assert.Equal(500, error.StatusCode);
}
// Ownership check: a caller in the User role presents a freshly generated profileId claim,
// and the action is expected to refuse the update with a 401 ErrorObject.
// NOTE(review): this relies on the GetOneAsyncTest fixture carrying a different ProfileId - confirm.
// NOTE(review): `async void` is kept to preserve the signature; returning Task is the safer form for async tests.
public async void UpdateOneExperience_UserDoesNotOwn()
{
    // arrange: the lookup yields the GetOneAsyncTest fixture
    mockRepo
        .Setup(repo => repo.GetFirstByExpressionAsync(It.IsAny<Expression<Func<Experience, bool>>>()))
        .ReturnsAsync(GetOneAsyncTest);
    mockRepo
        .Setup(repo => repo.GetCategoryByNameAsync(It.IsAny<string>()))
        .ReturnsAsync(() => null);

    var experienceId = Guid.NewGuid();
    var editDto = new EditExperienceDto() { Address = "hejhej" };

    // arrange: User-role principal whose profileId is a random Guid
    var callerClaims = new[]
    {
        new Claim(ClaimTypes.Role, "User"),
        new Claim("profileId", Guid.NewGuid().ToString())
    };
    var httpContext = new DefaultHttpContext()
    {
        User = new ClaimsPrincipal(new ClaimsIdentity(callerClaims, "mock"))
    };
    controller.ControllerContext = new ControllerContext() { HttpContext = httpContext };

    // act
    var actionResult = await controller.UpdateOneExperience(experienceId, editDto);

    // assert: result type first, then every field of the error envelope
    var unauthorized = Assert.IsAssignableFrom<UnauthorizedObjectResult>(actionResult);
    var error = Assert.IsType<ErrorObject>(unauthorized.Value);
    Assert.Equal("Unauthorized to perform this action", error.Error);
    Assert.Equal("PUT", error.Method);
    Assert.Equal($"/api/experiences/{experienceId}", error.At);
    Assert.Equal(401, error.StatusCode);
}