public async Task HandleAsync_UserIsNotAuthorized_ThrowsSecurityException_AndDoesNotUseDataAccess()
        {
            A.CallTo(() => authorization.EnsureCanAccessInternalArea()).Throws <SecurityException>();

            await Assert.ThrowsAsync <SecurityException>(() => Handler().HandleAsync(A.Dummy <GetAatfReturnsActiveComplianceYears>()));

            A.CallTo(() => dataAccess.Get()).MustNotHaveHappened();
        }
        public async Task <List <int> > HandleAsync(GetAatfReturnsActiveComplianceYears message)
        {
            authorization.EnsureCanAccessInternalArea();

            return(await dataAccess.Get());
        }