public void GrantUserObjectAccess(ISiteSetting siteSetting, Guid objectId, string objectLogicalName, Guid userId, int accessrightmask) { IOrganizationService organizationService = GetClientContext(siteSetting); //no delete access GrantAccessRequest grant = new GrantAccessRequest(); grant.Target = new EntityReference(objectLogicalName, objectId); PrincipalAccess principal = new PrincipalAccess(); principal.Principal = new EntityReference("systemuser", userId); principal.AccessMask = AccessRights.ReadAccess | AccessRights.AppendAccess | AccessRights.WriteAccess | AccessRights.AppendToAccess | AccessRights.ShareAccess | AccessRights.AssignAccess; grant.PrincipalAccess = principal; try { GrantAccessResponse grant_response = (GrantAccessResponse)organizationService.Execute(grant); } catch (Exception ex) { throw ex; } /* * Entity account = new Entity("principalobjectaccess"); * account["objectid"] = objectId; * account["principalid"] = userId; * account["accessrightsmask"] = accessrightmask; * Guid _accountId = organizationService.Create(account); */ }
private GrantAccessResponse HandleGrantAccess(OrganizationRequest orgRequest, EntityReference userRef) { var request = MakeRequest <GrantAccessRequest>(orgRequest); var resp = new GrantAccessResponse(); dataMethods.GrantAccess(request.Target, request.PrincipalAccess, userRef); return(resp); }
public async Task Remove_Two_UserAccessPermission_FromUserWithClientAccess_AndRegionAccess_SingleCost_Pass() { var grantAccessResponse = new GrantAccessResponse { UserGroup = new UserGroup(), New = true, UserGroups = new[] { Guid.NewGuid().ToString() } }; var userBeingUpdated = _users.First(user => user.Id == _UserWithTwoRolesId); var agencyOwnerBusinessRole = _businessRoles.First(br => br.Value == Constants.BusinessRole.AgencyOwner); var firstCost = _costs.First(a => a.CostNumber == "number1"); var updateUserModel = new UpdateUserModel { AccessDetails = new List <AccessDetail>() }; EfContext.AbstractType.AddRange(_abstractTypes); EfContext.Role.AddRange(_roles); EfContext.BusinessRole.AddRange(_businessRoles); EfContext.CostUser.AddRange(_users); EfContext.Cost.AddRange(_costs); EfContext.SaveChanges(); _costStageRevisionServiceMock.Setup(a => a.GetStageDetails <PgStageDetailsForm>(It.IsAny <Guid>())).ReturnsAsync(_costStageReviDetailsFormFirstCost); _permissionServiceMock.Setup(a => a.CheckHasAccess(_xUserId, userBeingUpdated.Id, AclActionType.Edit, "user")).ReturnsAsync(true); _permissionServiceMock .Setup(a => a.GrantUserAccess <Cost>(agencyOwnerBusinessRole.RoleId, firstCost.Id, userBeingUpdated, BuType.Pg, null, _costStageReviDetailsFormFirstCost.SmoName, It.IsAny <bool>())) .ReturnsAsync(grantAccessResponse); _permissionServiceMock.Setup(a => a.RevokeAccessForSubjectWithRole(It.IsAny <Guid>(), It.IsAny <Guid>(), It.IsAny <Guid>(), null, It.IsAny <bool>())) .ReturnsAsync(new[] { Guid.NewGuid().ToString() }); // Act var result = await _pgUserService.UpdateUser(User, userBeingUpdated.Id, updateUserModel, BuType.Pg); // Assert result.Messages.First().Should().Be("User updated."); result.Success.Should().Be(true); _permissionServiceMock.Verify(a => a.RevokeAccessForSubjectWithRole(It.IsAny <Guid>(), _UserWithTwoRolesId, It.IsAny <Guid>(), null, It.IsAny <bool>()), Times.Exactly(2)); _permissionServiceMock.Verify( a => a.GrantUserAccess <Cost>(agencyOwnerBusinessRole.RoleId, firstCost.Id, userBeingUpdated, BuType.Pg, null, _costStageReviDetailsFormFirstCost.BudgetRegion.Name, It.IsAny <bool>()), Times.Never); }
protected override void Execute(CodeActivityContext executionContext) { #region "Load CRM Service from context" Common objCommon = new Common(executionContext); objCommon.tracingService.Trace("Load CRM Service from context --- OK"); #endregion #region "Read Parameters" String _SharingRecordURL = this.SharingRecordURL.Get(executionContext); if (_SharingRecordURL == null || _SharingRecordURL == "") { return; } string[] urlParts = _SharingRecordURL.Split("?".ToArray()); string[] urlParams = urlParts[1].Split("&".ToCharArray()); string objectTypeCode = urlParams[0].Replace("etc=", ""); string objectId = urlParams[1].Replace("id=", ""); objCommon.tracingService.Trace("ObjectTypeCode=" + objectTypeCode + "--ParentId=" + objectId); EntityReference teamReference = this.Team.Get(executionContext); principals.Clear(); if (teamReference != null) { principals.Add(teamReference); } #endregion #region "ApplyRoutingRuteamReferenceleRequest Execution" string EntityName = objCommon.sGetEntityNameFromCode(objectTypeCode, objCommon.service); EntityReference refObject = new EntityReference(EntityName, new Guid(objectId)); objCommon.tracingService.Trace("Grant Request--- Start"); GrantAccessRequest grantRequest = new GrantAccessRequest(); grantRequest.Target = refObject; grantRequest.PrincipalAccess = new PrincipalAccess(); grantRequest.PrincipalAccess.AccessMask = (AccessRights)getMask(executionContext); foreach (EntityReference principalObject2 in principals) { grantRequest.PrincipalAccess.Principal = principalObject2; GrantAccessResponse grantResponse = (GrantAccessResponse)objCommon.service.Execute(grantRequest); } objCommon.tracingService.Trace("Grant Request--- end"); #endregion }
public void GrantAccess(EntityReference Record, EntityReference Principal, AccessRights AccessRights) { PrincipalAccess principalAccess = new PrincipalAccess(); principalAccess.Principal = Principal; principalAccess.AccessMask = AccessRights; GrantAccessRequest grantAccessRequest = new GrantAccessRequest(); grantAccessRequest.Target = Record; grantAccessRequest.PrincipalAccess = principalAccess; GrantAccessResponse grantAccessResponse = (GrantAccessResponse)OrganizationService.Execute(grantAccessRequest); }
/// <summary> /// Grants a specific user Read Access to a specific Entity record. /// </summary> /// <param name="OrganizationService"></param> /// <param name="Record">EntityReference of the record.</param> /// <param name="UserId">GUID of user that is getting access.</param> public void GrantUserReadAccess(EntityReference Record, Guid UserId) { PrincipalAccess principalAccess = new PrincipalAccess(); principalAccess.Principal = new EntityReference("systemuser", UserId); principalAccess.AccessMask = AccessRights.ReadAccess; GrantAccessRequest grantAccessRequest = new GrantAccessRequest(); grantAccessRequest.Target = Record; grantAccessRequest.PrincipalAccess = principalAccess; GrantAccessResponse grantAccessResponse = (GrantAccessResponse)OrganizationService.Execute(grantAccessRequest); }
//Share function private void ShareRecord(Guid userId, Entity task, IOrganizationService service, CodeActivityContext activityContext) { GrantAccessRequest grantRequest = new GrantAccessRequest() { Target = new EntityReference(task.LogicalName, task.Id), PrincipalAccess = new PrincipalAccess() { Principal = new EntityReference("systemuser", userId), AccessMask = (AccessRights)getMask(activityContext) } }; // Execute the request. GrantAccessResponse grantResponse = (GrantAccessResponse)service.Execute(grantRequest); }
//Share function private void ShareRecordasReadOnly(Guid Userid, Entity task, IOrganizationService service) { GrantAccessRequest grantRequest = new GrantAccessRequest() { Target = new EntityReference(task.LogicalName, task.Id), PrincipalAccess = new PrincipalAccess() { Principal = new EntityReference("systemuser", Userid), AccessMask = AccessRights.ReadAccess } }; // Execute the request. GrantAccessResponse grantResponse = (GrantAccessResponse)service.Execute(grantRequest); }
//Share function private void ShareRecord(Guid teamId, Entity workOrder, IOrganizationService service, CodeActivityContext activityContext) { GrantAccessRequest grantRequest = new GrantAccessRequest() { Target = new EntityReference(workOrder.LogicalName, workOrder.Id), PrincipalAccess = new PrincipalAccess() { Principal = new EntityReference("team", teamId), AccessMask = (AccessRights)getMask(activityContext) } }; // Execute the request. GrantAccessResponse grantResponse = (GrantAccessResponse)service.Execute(grantRequest); }
/// <summary> /// Unmarshaller the response from the service to the response class. /// </summary> /// <param name="context"></param> /// <returns></returns> public override AmazonWebServiceResponse Unmarshall(JsonUnmarshallerContext context) { GrantAccessResponse response = new GrantAccessResponse(); context.Read(); int targetDepth = context.CurrentDepth; while (context.ReadAtDepth(targetDepth)) { if (context.TestExpression("TemporaryCredential", targetDepth)) { var unmarshaller = TemporaryCredentialUnmarshaller.Instance; response.TemporaryCredential = unmarshaller.Unmarshall(context); continue; } } return(response); }
/// <summary> /// Demonstrates sharing records by exercising various access messages including: /// Grant, Modify, Revoke, RetrievePrincipalAccess, and /// RetrievePrincipalsAndAccess. /// </summary> /// <param name="serverConfig">Contains server connection information.</param> /// <param name="promptforDelete">When True, the user will be prompted to delete all /// created entities.</param> public void Run(ServerConnection.Configuration serverConfig, bool promptforDelete) { try { // Connect to the Organization service. // The using statement assures that the service proxy will be properly disposed. using (_serviceProxy = new OrganizationServiceProxy(serverConfig.OrganizationUri, serverConfig.HomeRealmUri, serverConfig.Credentials, serverConfig.DeviceCredentials)) { // This statement is required to enable early-bound type support. _serviceProxy.EnableProxyTypes(); _service = (IOrganizationService)_serviceProxy; CreateRequiredRecords(); #region GrantAccess Message // Create the request object and set the target and principal access // object. GrantAccessRequest grantRequest = new GrantAccessRequest() { Target = new EntityReference(Account.EntityLogicalName, _accountId), PrincipalAccess = new PrincipalAccess() { Principal = new EntityReference(SystemUser.EntityLogicalName, _userId), AccessMask = AccessRights.WriteAccess | AccessRights.ReadAccess | AccessRights.ShareAccess } }; // Execute the request. GrantAccessResponse grantResponse = (GrantAccessResponse)_service.Execute(grantRequest); Console.Write("Access Granted "); #endregion #region ModifyAccess Message // Create the request object and set the target and principal access // object. ModifyAccessRequest modifyRequest = new ModifyAccessRequest() { Target = new EntityReference(Account.EntityLogicalName, _accountId), PrincipalAccess = new PrincipalAccess() { Principal = new EntityReference(SystemUser.EntityLogicalName, _userId), AccessMask = AccessRights.ReadAccess | AccessRights.ShareAccess } }; // Execute the request. ModifyAccessResponse modifyResponse = (ModifyAccessResponse)_service.Execute(modifyRequest); Console.Write("and Modified. "); #endregion #region RetrievePrincipalAccess Message // Create the request object and set the target and principal. RetrievePrincipalAccessRequest retrieveRequest = new RetrievePrincipalAccessRequest() { Target = new EntityReference(Account.EntityLogicalName, _accountId), Principal = new EntityReference(SystemUser.EntityLogicalName, _userId) }; // Execute the request. RetrievePrincipalAccessResponse retrieveResponse = (RetrievePrincipalAccessResponse)_service.Execute(retrieveRequest); Console.Write("Retrieved principal access. "); #endregion #region RetrieveSharedPrincipalsAndAccess Message // Create the request object and set the target. RetrieveSharedPrincipalsAndAccessRequest retrieveSharedRequest = new RetrieveSharedPrincipalsAndAccessRequest() { Target = new EntityReference(Account.EntityLogicalName, _accountId) }; // Execute the request. RetrieveSharedPrincipalsAndAccessResponse retrieveSharedResponse = (RetrieveSharedPrincipalsAndAccessResponse)_service.Execute(retrieveSharedRequest); Console.Write("Retrieved principals and access. "); #endregion #region RevokeAccess Message // Create the request object and set the target and revokee. RevokeAccessRequest revokeRequest = new RevokeAccessRequest() { Target = new EntityReference(Account.EntityLogicalName, _accountId), Revokee = new EntityReference(SystemUser.EntityLogicalName, _userId) }; // Execute the request. RevokeAccessResponse revokeResponse = (RevokeAccessResponse)_service.Execute(revokeRequest); Console.Write("Revoked Access."); #endregion DeleteRequiredRecords(promptforDelete); } } // Catch any service fault exceptions that Microsoft Dynamics CRM throws. catch (FaultException <Microsoft.Xrm.Sdk.OrganizationServiceFault> ) { // You can handle an exception here or pass it back to the calling method. throw; } }
public async Task Add_SingleUserAccessPermission_ToRegion_ForSingleCost_Pass() { var grantAccessResponse = new GrantAccessResponse { UserGroup = new UserGroup(), New = true, UserGroups = new[] { Guid.NewGuid().ToString() } }; var updateUserModel = new UpdateUserModel { AccessDetails = new List <AccessDetail> { new AccessDetail { ObjectType = core.Constants.AccessObjectType.Region, BusinessRoleId = _businessRoles.First(a => a.Value == Constants.BusinessRole.AgencyOwner).Id, LabelName = "RegionOne" } } }; EfContext.AbstractType.AddRange(_abstractTypes); EfContext.Role.AddRange(_roles); EfContext.BusinessRole.AddRange(_businessRoles); EfContext.CostUser.AddRange(_users); EfContext.Cost.AddRange(_costs); EfContext.SaveChanges(); var userBeingUpdated = _users.First(user => user.Id == _userNoRoles); var agencyOwnerBusinessRole = _businessRoles.First(br => br.Value == Constants.BusinessRole.AgencyOwner); var firstCost = _costs.First(a => a.CostNumber == "number1"); _costStageRevisionServiceMock.Setup(a => a.GetStageDetails <PgStageDetailsForm>(It.IsAny <CostStageRevision>())).Returns(_costStageReviDetailsFormFirstCost); _permissionServiceMock.Setup(a => a.CheckHasAccess(_xUserId, userBeingUpdated.Id, AclActionType.Edit, "user")).ReturnsAsync(true); _permissionServiceMock .Setup(a => a.GrantUserAccess <Cost>( agencyOwnerBusinessRole.RoleId, firstCost.Id, userBeingUpdated, BuType.Pg, null, _costStageReviDetailsFormFirstCost.SmoName, It.IsAny <bool>())) .ReturnsAsync(grantAccessResponse); // Act var result = await _pgUserService.UpdateUser(User, userBeingUpdated.Id, updateUserModel, BuType.Pg); // Assert result.Messages.First().Should().Be("User updated."); result.Success.Should().Be(true); var verifyUser = EfContext.CostUser.First(a => a.Id == userBeingUpdated.Id); verifyUser.UserBusinessRoles.Count.Should().Be(1); verifyUser.UserBusinessRoles.First().BusinessRole.Id.Should().Be(_businessRoles.First(br => br.Value == Constants.BusinessRole.AgencyOwner).Id); verifyUser.UserBusinessRoles.First().BusinessRole.Value.Should().Be(_businessRoles.First(br => br.Value == Constants.BusinessRole.AgencyOwner).Value); verifyUser.UserBusinessRoles.First().BusinessRole.Key.Should().Be(_businessRoles.First(br => br.Value == Constants.BusinessRole.AgencyOwner).Key); verifyUser.UserBusinessRoles.First().BusinessRole.Role.Id.Should().Be(_businessRoles.First(br => br.Value == Constants.BusinessRole.AgencyOwner).Role.Id); _permissionServiceMock.Verify( a => a.GrantUserAccess <Cost>(agencyOwnerBusinessRole.RoleId, firstCost.Id, userBeingUpdated, BuType.Pg, null, _costStageReviDetailsFormFirstCost.BudgetRegion.Name , It.IsAny <bool>()), Times.Once); }
public async Task Add_TwoUserAccessPermission_OneRegion_OneGlobal_ForSingleCost_Pass() { var grantAccessResponse = new GrantAccessResponse { UserGroup = new UserGroup(), New = true, UserGroups = new[] { Guid.NewGuid().ToString() } }; var updateUserModel = new UpdateUserModel { AccessDetails = new List <AccessDetail> { new AccessDetail { ObjectId = _abstractTypes.First(a => a.Type == core.Constants.AccessObjectType.Module).Id, BusinessRoleId = _businessRoles.First(a => a.Value == Constants.BusinessRole.AgencyOwner).Id, ObjectType = core.Constants.AccessObjectType.Client }, new AccessDetail { ObjectType = core.Constants.AccessObjectType.Region, BusinessRoleId = _businessRoles.First(a => a.Value == Constants.BusinessRole.AgencyFinanceManager).Id, LabelName = "RegionOne" } } }; EfContext.AbstractType.AddRange(_abstractTypes); EfContext.Role.AddRange(_roles); EfContext.BusinessRole.AddRange(_businessRoles); EfContext.CostUser.AddRange(_users); EfContext.Cost.AddRange(_costs); EfContext.SaveChanges(); var userBeingUpdated = _users.First(user => user.Id == _userNoRoles); var agencyOwnerBusinessRole = _businessRoles.First(br => br.Value == Constants.BusinessRole.AgencyOwner); var firstCost = _costs.First(a => a.CostNumber == "number1"); var agencyAbstractType = _abstractTypes.First(a => a.Type == core.Constants.AccessObjectType.Agency); _costStageRevisionServiceMock.Setup(a => a.GetStageDetails <PgStageDetailsForm>(It.IsAny <CostStageRevision>())).Returns(_costStageReviDetailsFormFirstCost); _permissionServiceMock.Setup(a => a.CheckHasAccess(_xUserId, userBeingUpdated.Id, AclActionType.Edit, "user")).ReturnsAsync(true); _permissionServiceMock .Setup(a => a.GrantUserAccess <Cost>(agencyOwnerBusinessRole.RoleId, firstCost.Id, userBeingUpdated, BuType.Pg, null, _costStageReviDetailsFormFirstCost.SmoName, It.IsAny <bool>())) .ReturnsAsync(grantAccessResponse); _permissionServiceMock.Setup(a => a.CreateDomainNode(typeof(AbstractType).Name.ToSnakeCase(), agencyAbstractType.Id, It.IsAny <Guid>(), It.IsAny <Guid>())) .ReturnsAsync(new[] { Guid.NewGuid().ToString() }); _pgAgencyServiceMock.Setup(a => a.GetOrCreatePseudoAgencies(It.IsAny <Agency[]>())) .ReturnsAsync( _abstractTypes .Where(at => at.Type == core.Constants.AccessObjectType.Agency) .Select(a => new AbstractType()) .ToList() ); // Act var result = await _pgUserService.UpdateUser(User, userBeingUpdated.Id, updateUserModel, BuType.Pg); // Assert result.Messages.First().Should().Be("User updated."); result.Success.Should().Be(true); var verifyUser = EfContext.CostUser.First(a => a.Id == userBeingUpdated.Id); verifyUser.UserBusinessRoles.Count.Should().Be(3); verifyUser.UserBusinessRoles.First().BusinessRole.Id.Should().Be(_businessRoles.First(br => br.Value == Constants.BusinessRole.AgencyOwner).Id); verifyUser.UserBusinessRoles.First().BusinessRole.Value.Should().Be(_businessRoles.First(br => br.Value == Constants.BusinessRole.AgencyOwner).Value); verifyUser.UserBusinessRoles.First().BusinessRole.Key.Should().Be(_businessRoles.First(br => br.Value == Constants.BusinessRole.AgencyOwner).Key); verifyUser.UserBusinessRoles.First().BusinessRole.Role.Id.Should().Be(_businessRoles.First(br => br.Value == Constants.BusinessRole.AgencyOwner).Role.Id); verifyUser.UserBusinessRoles.First().Labels.Length.Should().Be(0); verifyUser.UserBusinessRoles.Last().BusinessRole.Id.Should().Be(_businessRoles.First(br => br.Value == Constants.BusinessRole.AgencyFinanceManager).Id); verifyUser.UserBusinessRoles.Last().BusinessRole.Value.Should().Be(_businessRoles.First(br => br.Value == Constants.BusinessRole.AgencyFinanceManager).Value); verifyUser.UserBusinessRoles.Last().BusinessRole.Key.Should().Be(_businessRoles.First(br => br.Value == Constants.BusinessRole.AgencyFinanceManager).Key); verifyUser.UserBusinessRoles.Last().BusinessRole.Role.Id.Should().Be(_businessRoles.First(br => br.Value == Constants.BusinessRole.AgencyFinanceManager).Role.Id); verifyUser.UserBusinessRoles.Last().Labels.Length.Should().Be(1); verifyUser.UserBusinessRoles.Last().Labels.First().Should().Be("RegionOne"); //Only one cost exists so only needed to be Add_ed _permissionServiceMock.Verify( a => a.GrantUserAccess <Cost>(agencyOwnerBusinessRole.RoleId, firstCost.Id, userBeingUpdated, BuType.Pg, null, _costStageReviDetailsFormFirstCost.BudgetRegion.Name, It.IsAny <bool>()), Times.Once); }
public async Task Add_Two_UserAccessPermission_TwoDifferentRegions_singleBusinessRoleWithLabels_SingleCost_Pass() { var grantAccessResponse = new GrantAccessResponse { UserGroup = new UserGroup(), New = true, UserGroups = new[] { Guid.NewGuid().ToString() } }; var userBeingUpdated = _users.First(user => user.Id == _userNoRoles); var firstCost = _costs.First(a => a.CostNumber == "number1"); var secondCost = _costs.First(a => a.CostNumber == "number2"); var thirdCost = _costs.First(a => a.CostNumber == "number3"); //Same Role is used here on purpose! //We are checking if the Business Role gains extra labels! var updateUserModel = new UpdateUserModel { AccessDetails = new List <AccessDetail> { new AccessDetail { ObjectType = core.Constants.AccessObjectType.Region, BusinessRoleId = _businessRoles.First(a => a.Value == Constants.BusinessRole.AgencyFinanceManager).Id, LabelName = "RegionTwo" }, new AccessDetail { ObjectType = core.Constants.AccessObjectType.Region, BusinessRoleId = _businessRoles.First(a => a.Value == Constants.BusinessRole.AgencyFinanceManager).Id, LabelName = "RegionOne" } } }; EfContext.AbstractType.AddRange(_abstractTypes); EfContext.Role.AddRange(_roles); EfContext.BusinessRole.AddRange(_businessRoles); EfContext.CostUser.AddRange(_users); EfContext.Cost.AddRange(_costs); EfContext.SaveChanges(); _costStageRevisionServiceMock.Setup(a => a.GetStageDetails <PgStageDetailsForm>(firstCost.LatestCostStageRevision)) .Returns(_costStageReviDetailsFormFirstCost); _costStageRevisionServiceMock.Setup(a => a.GetStageDetails <PgStageDetailsForm>(secondCost.LatestCostStageRevision)) .Returns(_costStageReviDetailsFormSecondCost); _costStageRevisionServiceMock.Setup(a => a.GetStageDetails <PgStageDetailsForm>(thirdCost.LatestCostStageRevision)) .Returns(_costStageReviDetailsFormThirdCost); _permissionServiceMock.Setup(a => a.CheckHasAccess(_xUserId, userBeingUpdated.Id, AclActionType.Edit, "user")).ReturnsAsync(true); _permissionServiceMock .Setup(a => a.GrantUserAccess <Cost>(It.IsAny <Guid>(), It.IsAny <Guid>(), userBeingUpdated, BuType.Pg, null, It.IsAny <string>(), It.IsAny <bool>())) .ReturnsAsync(grantAccessResponse); _permissionServiceMock.Setup(a => a.RevokeAccessForSubjectWithRole(It.IsAny <Guid>(), It.IsAny <Guid>(), It.IsAny <Guid>(), null, It.IsAny <bool>())) .ReturnsAsync(new[] { Guid.NewGuid().ToString() }); // Act var result = await _pgUserService.UpdateUser(User, userBeingUpdated.Id, updateUserModel, BuType.Pg); // Assert result.Messages.First().Should().Be("User updated."); result.Success.Should().Be(true); var verifyUser = EfContext.CostUser.First(a => a.Id == userBeingUpdated.Id); verifyUser.UserBusinessRoles.Count.Should().Be(1); verifyUser.UserBusinessRoles.First().Labels.Length.Should().Be(2); verifyUser.UserBusinessRoles.First().Labels.Any(a => a.Contains("RegionTwo")).Should().BeTrue(); verifyUser.UserBusinessRoles.First().Labels.Any(a => a.Contains("RegionOne")).Should().BeTrue(); _permissionServiceMock.Verify( a => a.GrantUserAccess <Cost>(It.IsAny <Guid>(), It.IsIn(firstCost.Id, secondCost.Id, thirdCost.Id), userBeingUpdated, BuType.Pg, null, It.IsIn(_costStageReviDetailsFormFirstCost.BudgetRegion.Name, _costStageReviDetailsFormSecondCost.BudgetRegion.Name, _costStageReviDetailsFormThirdCost.BudgetRegion.Name), It.IsAny <bool>()), Times.Once); }
public async Task Add_SingleUserAccessPermission_ToSmo_ForSingleCost_Pass() { var grantAccessResponse = new GrantAccessResponse { UserGroup = new UserGroup(), New = true, UserGroups = new[] { Guid.NewGuid().ToString() } }; var clientModule = new Module { Id = Guid.NewGuid(), ClientType = ClientType.Pg, Name = "Procter & Gamble", ClientTag = "costPG", Key = "P&G" }; var abstractTypes = new List <AbstractType> { new AbstractType { Id = Guid.NewGuid(), ObjectId = clientModule.Id, Module = clientModule, Type = core.Constants.AccessObjectType.Module } }; var updateUserModel = new UpdateUserModel { AccessDetails = new List <AccessDetail> { new AccessDetail { ObjectType = core.Constants.AccessObjectType.Smo, BusinessRoleId = _businessRoles.First(a => a.Value == Constants.BusinessRole.AgencyOwner).Id, LabelName = "SmoName1" } } }; EfContext.AbstractType.AddRange(abstractTypes); EfContext.Role.AddRange(_roles); EfContext.BusinessRole.AddRange(_businessRoles); EfContext.CostUser.AddRange(_users); EfContext.Cost.AddRange(_costs); EfContext.SaveChanges(); var userBeingUpdated = _users.First(user => user.Id == _userNoRoles); var agencyOwnerBusinessRole = _businessRoles.First(br => br.Value == Constants.BusinessRole.AgencyOwner); var firstCost = _costs.First(a => a.CostNumber == "number1"); _costStageRevisionServiceMock.Setup(a => a.GetStageDetails <PgStageDetailsForm>(It.IsAny <Guid>())).ReturnsAsync(_costStageReviDetailsFormFirstCost); _permissionServiceMock.Setup(a => a.CheckHasAccess(_xUserId, userBeingUpdated.Id, AclActionType.Edit, "user")).ReturnsAsync(true); _permissionServiceMock .Setup(a => a.GrantUserAccess <Cost>(agencyOwnerBusinessRole.RoleId, firstCost.Id, userBeingUpdated, BuType.Pg, null, _costStageReviDetailsFormFirstCost.SmoName, It.IsAny <bool>())) .ReturnsAsync(grantAccessResponse); _aclClientMock.Setup(a => a.Access.CheckAccessToDomainNode(It.IsAny <string>(), It.IsAny <string>(), It.IsAny <string>(), It.IsAny <string>())) .ReturnsAsync(HttpStatusCode.OK); _aclClientMock.Setup(a => a.Get.GetObjectUserGroups(It.IsAny <string>(), It.IsAny <string>())).ReturnsAsync(new AclResponseObject <List <ResponseRole> > { Status = HttpStatusCode.OK, Response = new List <ResponseRole> { new ResponseRole { ExternalId = Guid.NewGuid().ToString(), Name = Guid.NewGuid().ToString() } } }); _permissionServiceMock .Setup(a => a.GrantUserAccess <Cost>( agencyOwnerBusinessRole.RoleId, firstCost.Id, userBeingUpdated, BuType.Pg, null, _costStageReviDetailsFormFirstCost.SmoName, It.IsAny <bool>())) .ReturnsAsync(grantAccessResponse); // Act var result = await _pgUserService.UpdateUser(User, userBeingUpdated.Id, updateUserModel, BuType.Pg); // Assert result.Messages.First().Should().Be("User updated."); result.Success.Should().Be(true); var verifyUser = EfContext.CostUser.First(a => a.Id == userBeingUpdated.Id); verifyUser.UserBusinessRoles.Count.Should().Be(1); verifyUser.UserBusinessRoles.First().BusinessRole.Id.Should().Be(_businessRoles.First(br => br.Value == Constants.BusinessRole.AgencyOwner).Id); verifyUser.UserBusinessRoles.First().BusinessRole.Value.Should().Be(_businessRoles.First(br => br.Value == Constants.BusinessRole.AgencyOwner).Value); verifyUser.UserBusinessRoles.First().BusinessRole.Key.Should().Be(_businessRoles.First(br => br.Value == Constants.BusinessRole.AgencyOwner).Key); verifyUser.UserBusinessRoles.First().BusinessRole.Role.Id.Should().Be(_businessRoles.First(br => br.Value == Constants.BusinessRole.AgencyOwner).Role.Id); _permissionServiceMock.Verify( a => a.GrantUserAccess <Cost>( agencyOwnerBusinessRole.RoleId, firstCost.Id, userBeingUpdated, BuType.Pg, null, _costStageReviDetailsFormFirstCost.SmoName, It.IsAny <bool>()), Times.Once); }