public void AuthorizeCoreTest2()
{
CcAuthorizeAttribute_Accessor target = new CcAuthorizeAttribute_Accessor(new FixedRoles[] { FixedRoles.Ser, FixedRoles.AgencyUser });
myHttpContext httpContext = new myHttpContext();
httpContext.User = new myUser(); // is it possible that user is not initialized ?
// if it is this test should return false
//Assert.IsFalse(target.AuthorizeCore(httpContext));
ccEntities db = initDB();
httpContext.User = new myUser()
{
role = FixedRoles.AgencyOfficer, Identity = new myIdentity()
{
Name = "YosiAgencyOfficer", IsAuthenticated = false
}
};
////should deny unauthorized user
Assert.IsFalse(target.Auth(httpContext, db));
httpContext.User = new myUser()
{
role = FixedRoles.AgencyOfficer, Identity = new myIdentity()
{
Name = "YosiAgencyOfficer", IsAuthenticated = true
}
};
////should deny user from different role
Assert.IsFalse(target.Auth(httpContext, db));
httpContext.User = new myUser()
{
role = FixedRoles.Admin, Identity = new myIdentity()
{
Name = "YosiAdmin", IsAuthenticated = true
}
};
((myUser)(httpContext.User)).role = FixedRoles.Admin;
////should allow the same role
Assert.IsFalse(target.Auth(httpContext, db));
httpContext.User = new myUser()
{
role = FixedRoles.AgencyUser, Identity = new myIdentity()
{
Name = "YosiAgencyUser", IsAuthenticated = true
}
};
((myUser)(httpContext.User)).role = FixedRoles.AgencyUser;
Assert.IsTrue(target.Auth(httpContext, db));
httpContext.User = new myUser()
{
role = FixedRoles.GlobalOfficer, Identity = new myIdentity()
{
Name = "YosiGlobalOfficer", IsAuthenticated = true
}
};
((myUser)(httpContext.User)).role = FixedRoles.GlobalOfficer;
Assert.IsFalse(target.Auth(httpContext, db));
httpContext.User = new myUser()
{
role = FixedRoles.Ser, Identity = new myIdentity()
{
Name = "YosiSer", IsAuthenticated = true
}
};
((myUser)(httpContext.User)).role = FixedRoles.Ser;
Assert.IsTrue(target.Auth(httpContext, db));
}
public void AuthorizeCoreTest()
{
CcAuthorizeAttribute_Accessor target = new CcAuthorizeAttribute_Accessor(FixedRoles.Admin); // TODO: Initialize to an appropriate value
//target.CurrentUser = new User() ;
//HttpContextBase httpContext = null; // TODO: Initialize to an appropriate value
//Mock<HttpContextWrapper> mock = new Mock<HttpContextWrapper>(new object[1] {null});
myHttpContext httpContext = new myHttpContext();
httpContext.User = new myUser();
ccEntities db = initDB();
////should deny an empty user
//Assert.IsFalse(target.AuthorizeCore(httpContext));
httpContext.User = new myUser()
{
role = FixedRoles.AgencyOfficer, Identity = new myIdentity()
{
Name = "YosiAgencyOfficer", IsAuthenticated = false
}
};
////should deny unauthorized user
Assert.IsFalse(target.Auth(httpContext, db));
httpContext.User = new myUser()
{
role = FixedRoles.AgencyOfficer, Identity = new myIdentity()
{
Name = "YosiAgencyOfficer", IsAuthenticated = true
}
};
////should deny user from different role
Assert.IsFalse(target.Auth(httpContext, db));
httpContext.User = new myUser()
{
role = FixedRoles.Admin, Identity = new myIdentity()
{
Name = "YosiAdmin", IsAuthenticated = true
}
};
((myUser)(httpContext.User)).role = FixedRoles.Admin;
////should allow the same role
Assert.IsTrue(target.Auth(httpContext, db));
httpContext.User = new myUser()
{
role = FixedRoles.AgencyUser, Identity = new myIdentity()
{
Name = "YosiAgencyUser", IsAuthenticated = true
}
};
((myUser)(httpContext.User)).role = FixedRoles.AgencyUser;
Assert.IsFalse(target.Auth(httpContext, db));
httpContext.User = new myUser()
{
role = FixedRoles.GlobalOfficer, Identity = new myIdentity()
{
Name = "YosiGlobalOfficer", IsAuthenticated = true
}
};
((myUser)(httpContext.User)).role = FixedRoles.GlobalOfficer;
Assert.IsFalse(target.Auth(httpContext, db));
httpContext.User = new myUser()
{
role = FixedRoles.Ser, Identity = new myIdentity()
{
Name = "YosiSer", IsAuthenticated = true
}
};
((myUser)(httpContext.User)).role = FixedRoles.Ser;
Assert.IsFalse(target.Auth(httpContext, db));
////should deny an empty user
//Assert.IsFalse(target.AuthorizeCore(httpContext));
////should deny user from different role
//target.CurrentUser.RoleId = (int)FixedRoles.AgencyOfficer;
//Assert.IsFalse(target.AuthorizeCore(httpContext));
////should allow the same role
//target.CurrentUser.RoleId = (int)FixedRoles.Admin;
//Assert.IsTrue(target.AuthorizeCore(httpContext));
////should deny undefined role
//target.CurrentUser.RoleId = (int)(FixedRoles.AgencyOfficer|FixedRoles.Admin);
//Assert.IsFalse(target.AuthorizeCore(httpContext));
}
