public void AddSecurableItemByItemId_Successful()
{
//Arrange
var existingClient = _existingClients.First(c => c.Id == FabricSampleAppClientId);
var innerSecurable2 = existingClient.TopLevelSecurableItem.SecurableItems.First(s => s.Name == "inner-securable-2");
var securableItemsModule = CreateBrowser(new Claim(Claims.ClientId, existingClient.Id),
new Claim(Claims.Scope, Scopes.WriteScope), new Claim(Claims.Scope, Scopes.ReadScope));
var securableItemToPost = new SecurableItemApiModel
{
ClientOwner = FabricSampleAppClientId,
Name = "inner-securable-3"
};
//Act
var result = securableItemsModule.Post($"/securableitems/{innerSecurable2.Id}", with => with.JsonBody(securableItemToPost))
.Result;
Assert.Equal(HttpStatusCode.Created, result.StatusCode);
var newSecurableItem = result.Body.DeserializeJson <SecurableItemApiModel>();
Assert.Equal(securableItemToPost.Name, newSecurableItem.Name);
Assert.NotNull(newSecurableItem.Id);
//Get the whole hierarchy to ensure that the new item is in the expected location
var getResult = securableItemsModule.Get("/securableitems").Result;
Assert.Equal(HttpStatusCode.OK, getResult.StatusCode);
var securableItemHierarchy = getResult.Body.DeserializeJson <SecurableItemApiModel>();
newSecurableItem = securableItemHierarchy.SecurableItems.First(s => s.Name == "inner-securable-2")
.SecurableItems.First(s => s.Name == securableItemToPost.Name);
Assert.NotNull(newSecurableItem);
}
public void AddSecurableItem_ReturnsForbidden(Claim scopeClaim, Claim clientIdClaim, bool itemLevel)
{
var existingClient = _existingClients.First(c => c.Id == FabricSampleAppClientId);
var requestClientIdClaim = (clientIdClaim != null && clientIdClaim.Value == "valid")
? new Claim(Claims.ClientId, existingClient.Id)
: clientIdClaim;
var securableItemToPost = new SecurableItemApiModel
{
ClientOwner = FabricSampleAppClientId,
Name = "inner-securable-3"
};
var securableItemsModule = CreateBrowser(scopeClaim, requestClientIdClaim);
var requestUrl = "/securableitems";
if (itemLevel)
{
var innerSecurable1 =
existingClient.TopLevelSecurableItem.SecurableItems.First(s => s.Name == "inner-securable-1");
requestUrl = requestUrl + $"/{innerSecurable1.Id}";
}
var result = securableItemsModule.Post(requestUrl, with => with.JsonBody(securableItemToPost))
.Result;
Assert.Equal(HttpStatusCode.Forbidden, result.StatusCode);
}
public void AddSecurableItem_BadRequest(SecurableItemApiModel securableItemToPost, int errorCount,
bool itemLevel)
{
var existingClient = _existingClients.First(c => c.Id == FabricSampleAppClientId);
var securableItemsModule = CreateBrowser(new Claim(Claims.ClientId, existingClient.Id),
new Claim(Claims.Scope, Scopes.WriteScope));
var requestUrl = "/securableitems";
if (itemLevel)
{
var innerSecurable1 =
existingClient.TopLevelSecurableItem.SecurableItems.First(s => s.Name == "inner-securable-1");
requestUrl = $"{requestUrl}/{innerSecurable1.Id}";
}
var result = securableItemsModule.Post(requestUrl, with => with.JsonBody(securableItemToPost)).Result;
Assert.Equal(HttpStatusCode.BadRequest, result.StatusCode);
var error = result.Body.DeserializeJson <Error>();
Assert.NotNull(error);
if (errorCount > 0)
{
Assert.Equal(errorCount, error.Details.Length);
}
}
public void AddSecurableItem_Conflict(SecurableItemApiModel securableItemToPost, bool itemLevel)
{
var existingClient = _existingClients.First(c => c.Id == FabricSampleAppClientId);
var innerSecurable1 =
existingClient.TopLevelSecurableItem.SecurableItems.First(s => s.Name == "inner-securable-1");
var securableItemsModule = CreateBrowser(new Claim(Claims.ClientId, existingClient.Id),
new Claim(Claims.Scope, Scopes.WriteScope));
var requestUrl = "/securableitems";
if (itemLevel)
{
requestUrl = $"{requestUrl}/{innerSecurable1.Id}";
}
var result = securableItemsModule.Post(requestUrl, with => with.JsonBody(securableItemToPost)).Result;
Assert.Equal(HttpStatusCode.Conflict, result.StatusCode);
}
public void AddSecurableItemByClientId_Successful()
{
var existingClient = _existingClients.First();
var securableItemsModule = CreateBrowser(new Claim(Claims.ClientId, existingClient.Id),
new Claim(Claims.Scope, Scopes.WriteScope));
var securableItemToPost = new SecurableItemApiModel
{
Name = "inner-securable-3"
};
var result = securableItemsModule.Post("/securableitems", with => with.JsonBody(securableItemToPost))
.Result;
Assert.Equal(HttpStatusCode.Created, result.StatusCode);
var newSecurableItem = result.Body.DeserializeJson <SecurableItemApiModel>();
Assert.Equal(securableItemToPost.Name, newSecurableItem.Name);
Assert.NotNull(newSecurableItem.Id);
}
public async Task AddSecurableItem_MissingRequiredScope_ForbiddenAsync()
{
var browser = CreateBrowser(
new Claim(Claims.ClientId, DosClientId),
new Claim(Claims.Scope, Scopes.WriteScope),
new Claim(Claims.Scope, Scopes.ReadScope));
var securableItemApiModel = new SecurableItemApiModel
{
Name = $"dos-child-sec-item-{Guid.NewGuid()}",
ClientOwner = DosClientId,
Grain = Domain.Defaults.Authorization.DosGrain
};
var dosSecItem = await _mockSecurableItemStore.Object.Get("datamarts");
var result = await browser.Post($"/securableitems/{dosSecItem.Id}", with => with.JsonBody(securableItemApiModel));
Assert.Equal(HttpStatusCode.Forbidden, result.StatusCode);
}
public async Task AddSecurableItem_MismatchGrain_BadRequestAsync()
{
var existingClient = _existingClients.First(c => c.Id == FabricSampleAppClientId);
var innerSecurable2 = existingClient.TopLevelSecurableItem.SecurableItems.First(s => s.Name == "inner-securable-2");
var securableItemsModule = CreateBrowser(
new Claim(Claims.ClientId, existingClient.Id),
new Claim(Claims.Scope, Scopes.WriteScope),
new Claim(Claims.Scope, Scopes.ReadScope));
var securableItemApiModel = new SecurableItemApiModel
{
Name = $"dos-child-sec-item-{Guid.NewGuid()}",
ClientOwner = FabricSampleAppClientId,
Grain = Domain.Defaults.Authorization.DosGrain
};
var result = await securableItemsModule.Post(
$"/securableitems/{innerSecurable2.Id}",
with => with.JsonBody(securableItemApiModel));
Assert.Equal(HttpStatusCode.BadRequest, result.StatusCode);
}
