public async Task RefreshPublishedResults_WhenUserDoesHaveRefreshFundingPermission_ThenActionAllowed() { // Arrange string specificationId = "abc123"; IAuthorizationHelper authorizationHelper = Substitute.For <IAuthorizationHelper>(); authorizationHelper .DoesUserHavePermission(Arg.Any <ClaimsPrincipal>(), Arg.Is(specificationId), Arg.Is(SpecificationActionTypes.CanRefreshFunding)) .Returns(true); ISpecsApiClient specsClient = CreateSpecsClient(); specsClient.RefreshPublishedResults(Arg.Is(specificationId)) .Returns(new ApiResponse <SpecificationCalculationExecutionStatusModel>(HttpStatusCode.OK, new SpecificationCalculationExecutionStatusModel())); ApprovalController controller = CreateApprovalController(specsClient: specsClient, authorizationHelper: authorizationHelper); // Act IActionResult result = await controller.RefreshPublishedResults(specificationId); // Assert result.Should().BeOfType <OkObjectResult>(); }
public async Task <IActionResult> RefreshPublishedResults(string specificationId) { Guard.IsNullOrWhiteSpace(specificationId, nameof(specificationId)); if (!await _authorizationHelper.DoesUserHavePermission(User, specificationId, SpecificationActionTypes.CanRefreshFunding)) { return(new ForbidResult()); } ApiResponse <SpecificationCalculationExecutionStatusModel> callResult = await _specsClient.RefreshPublishedResults(specificationId); if (callResult.StatusCode == HttpStatusCode.OK) { return(new OkObjectResult(callResult.Content)); } else if (callResult.StatusCode == HttpStatusCode.NoContent) { return(new NoContentResult()); } else if (callResult.StatusCode == HttpStatusCode.BadRequest) { return(new BadRequestResult()); } return(new InternalServerErrorResult($"Unexpected status from API call: '{callResult.StatusCode}'")); }