public void SaveCalculation_OnBackendError_ThenExceptionThrown()
{
// Arrange
ICalculationsApiClient calcsClient = Substitute.For <ICalculationsApiClient>();
IMapper mapper = MappingHelper.CreateFrontEndMapper();
string specificationId = "1";
string calculationId = "5";
IAuthorizationHelper authorizationHelper = TestAuthHelper.CreateAuthorizationHelperSubstitute(specificationId, SpecificationActionTypes.CanEditCalculations);
CalculationController controller = CreateCalculationController(calcsClient, mapper, authorizationHelper);
calcsClient
.UpdateCalculation(calculationId, Arg.Any <CalculationUpdateModel>())
.Returns(Task.FromResult(new ApiResponse <Calculation>(System.Net.HttpStatusCode.ServiceUnavailable, null)));
CalculationUpdateViewModel updateViewModel = new CalculationUpdateViewModel()
{
SourceCode = "Source code",
};
// Act
Action a = new Action(() =>
{
IActionResult result = controller.SaveCalculation(specificationId, calculationId, updateViewModel).Result;
});
// Assert
a.Should().Throw <InvalidOperationException>();
}
public void CompilePreview_OnBackendError_ThenExceptionThrown()
{
// Arrange
string calculationId = "5";
string specificationId = "65";
ICalculationsApiClient calcsClient = Substitute.For <ICalculationsApiClient>();
IMapper mapper = MappingHelper.CreateFrontEndMapper();
IAuthorizationHelper authorizationHelper = TestAuthHelper.CreateAuthorizationHelperSubstitute(specificationId, SpecificationActionTypes.CanEditCalculations);
CalculationController controller = CreateCalculationController(calcsClient, mapper, authorizationHelper, resultsApiClient);
PreviewCompileRequestViewModel previewViewModel = new PreviewCompileRequestViewModel()
{
SourceCode = "Updated source code",
};
calcsClient
.PreviewCompile(Arg.Any <PreviewRequest>())
.Returns(Task.FromResult(new ApiResponse <PreviewResponse>(HttpStatusCode.ServiceUnavailable, null)));
CalculationUpdateViewModel updateViewModel = new CalculationUpdateViewModel()
{
SourceCode = "Source code",
};
// Act
Action a = new Action(() =>
{
IActionResult result = controller.CompilePreview(specificationId, calculationId, previewViewModel).Result;
});
// Assert
a.Should().Throw <InvalidOperationException>();
}
public void EditCalculationStatus_GivenFailedStatusCode_ThrowsInvalidOperationException()
{
//Arrange
string specificationId = "abc123";
string calculationId = "5";
PublishStatusEditModel model = new PublishStatusEditModel();
ValidatedApiResponse <PublishStatusResult> response = new ValidatedApiResponse <PublishStatusResult>(HttpStatusCode.BadRequest);
ICalculationsApiClient calcsClient = Substitute.For <ICalculationsApiClient>();
calcsClient
.UpdatePublishStatus(Arg.Is(calculationId), Arg.Is(model))
.Returns(response);
IMapper mapper = MappingHelper.CreateFrontEndMapper();
IAuthorizationHelper authorizationHelper = TestAuthHelper.CreateAuthorizationHelperSubstitute(specificationId, SpecificationActionTypes.CanEditCalculations);
CalculationController controller = CreateCalculationController(calcsClient, mapper, authorizationHelper);
// Act
Func <Task> test = async() => await controller.EditCalculationStatus(specificationId, calculationId, model);
// Assert
test
.Should()
.Throw <InvalidOperationException>();
}
public async Task EditCalculationStatus_GivenUserDoesNotHaveEditCalculationPermission_Returns403()
{
//Arrange
string specificationId = "abc123";
string calculationId = "5";
PublishStatusEditModel model = new PublishStatusEditModel();
PublishStatusResult publishStatusResult = new PublishStatusResult();
ValidatedApiResponse <PublishStatusResult> response = new ValidatedApiResponse <PublishStatusResult>(HttpStatusCode.OK, publishStatusResult);
ICalculationsApiClient calcsClient = Substitute.For <ICalculationsApiClient>();
calcsClient
.UpdatePublishStatus(Arg.Is(calculationId), Arg.Is(model))
.Returns(response);
IMapper mapper = MappingHelper.CreateFrontEndMapper();
IAuthorizationHelper authorizationHelper = Substitute.For <IAuthorizationHelper>();
authorizationHelper.DoesUserHavePermission(Arg.Any <ClaimsPrincipal>(), Arg.Is(specificationId), Arg.Is(SpecificationActionTypes.CanEditCalculations))
.Returns(false);
CalculationController controller = CreateCalculationController(calcsClient, mapper, authorizationHelper);
// Act
IActionResult result = await controller.EditCalculationStatus(specificationId, calculationId, model);
// Assert
result.Should().BeOfType <ForbidResult>();
}
public async Task CompilePreview_OnInvalidModel_ThenBadRequestReturned()
{
// Arrange
ICalculationsApiClient calcsClient = Substitute.For <ICalculationsApiClient>();
IMapper mapper = MappingHelper.CreateFrontEndMapper();
string calculationId = "5";
string specificationId = "65";
IAuthorizationHelper authorizationHelper = TestAuthHelper.CreateAuthorizationHelperSubstitute(specificationId, SpecificationActionTypes.CanEditCalculations);
CalculationController controller = CreateCalculationController(calcsClient, mapper, authorizationHelper);
PreviewCompileRequestViewModel previewViewModel = new PreviewCompileRequestViewModel()
{
SourceCode = "Updated source code",
};
// Force validation failed
controller.ModelState.AddModelError(nameof(previewViewModel.SourceCode), "Test");
// Act
IActionResult result = await controller.CompilePreview(specificationId, calculationId, previewViewModel);
// Assert
result.Should().NotBeNull();
result.Should().BeOfType <BadRequestObjectResult>();
await authorizationHelper
.DidNotReceive()
.DoesUserHavePermission(Arg.Any <ClaimsPrincipal>(), Arg.Any <string>(), Arg.Any <SpecificationActionTypes>());
}
public async Task ApproveAllCalculations_GivenApproveAllCalculationsReturnsBadRequest_ThrowsInvalidOperationException()
{
//Arrange
string specificationId = "abc123";
ICalculationsApiClient calcsClient = Substitute.For <ICalculationsApiClient>();
calcsClient
.QueueApproveAllSpecificationCalculations(Arg.Is(specificationId))
.Returns(new ApiResponse <Job>(HttpStatusCode.BadRequest));
IMapper mapper = MappingHelper.CreateFrontEndMapper();
IAuthorizationHelper authorizationHelper = Substitute.For <IAuthorizationHelper>();
authorizationHelper.DoesUserHavePermission(Arg.Any <ClaimsPrincipal>(), Arg.Is(specificationId), Arg.Is(SpecificationActionTypes.CanApproveAllCalculations))
.Returns(true);
CalculationController controller = CreateCalculationController(calcsClient, mapper, authorizationHelper, resultsApiClient);
// Act
Action a = new Action(() =>
{
IActionResult result = controller.ApproveAllCalculations(specificationId).Result;
});
// Assert
a.Should().Throw <InvalidOperationException>();
}
public async Task EditCalculationStatus_GivenOKResponseFromApi_ReturnsOK()
{
//Arrange
string specificationId = "abc123";
string calculationId = "5";
PublishStatusEditModel model = new PublishStatusEditModel();
PublishStatusResult publishStatusResult = new PublishStatusResult();
ValidatedApiResponse <PublishStatusResult> response = new ValidatedApiResponse <PublishStatusResult>(HttpStatusCode.OK, publishStatusResult);
ICalculationsApiClient calcsClient = Substitute.For <ICalculationsApiClient>();
calcsClient
.UpdatePublishStatus(Arg.Is(calculationId), Arg.Is(model))
.Returns(response);
IMapper mapper = MappingHelper.CreateFrontEndMapper();
IAuthorizationHelper authorizationHelper = TestAuthHelper.CreateAuthorizationHelperSubstitute(specificationId, SpecificationActionTypes.CanEditCalculations);
CalculationController controller = CreateCalculationController(calcsClient, mapper, authorizationHelper);
// Act
IActionResult result = await controller.EditCalculationStatus(specificationId, calculationId, model);
// Assert
result
.Should()
.BeOfType <OkObjectResult>()
.Which
.Value
.Should()
.Be(publishStatusResult);
}
public async Task Should_RunGenerateCalculationCsvResultsJob_ValidId_ReturnCalculation()
{
string specificationId = "specId";
string jobId = "jobId";
ResultsJob job = new ResultsJob {
Id = jobId
};
ICalculationsApiClient calcsClient = Substitute.For <ICalculationsApiClient>();
IAuthorizationHelper authorizationHelper = Substitute.For <IAuthorizationHelper>();
IMapper mapper = MappingHelper.CreateFrontEndMapper();
IResultsApiClient resultsApiClient = Substitute.For <IResultsApiClient>();
resultsApiClient
.RunGenerateCalculationCsvResultsJob(Arg.Is(specificationId))
.Returns(new ApiResponse <ResultsJob>(HttpStatusCode.OK, job));
CalculationController controller = CreateCalculationController(calcsClient, mapper, authorizationHelper, resultsApiClient);
IActionResult actual = await controller.RunGenerateCalculationCsvResultsJob(specificationId);
actual.Should().BeOfType <OkObjectResult>();
}
public async Task SaveCalculation_OnInvalidModel_ThenBadRequestReturned()
{
// Arrange
ICalculationsApiClient calcsClient = Substitute.For <ICalculationsApiClient>();
IMapper mapper = MappingHelper.CreateFrontEndMapper();
string specificationId = "1";
string calculationId = "5";
IAuthorizationHelper authorizationHelper = TestAuthHelper.CreateAuthorizationHelperSubstitute(specificationId, SpecificationActionTypes.CanEditCalculations);
CalculationController controller = CreateCalculationController(calcsClient, mapper, authorizationHelper);
CalculationUpdateViewModel updateViewModel = new CalculationUpdateViewModel()
{
SourceCode = null,
};
// Force validation failed
controller.ModelState.AddModelError(nameof(updateViewModel.SourceCode), "Test");
// Act
IActionResult result = await controller.SaveCalculation(specificationId, calculationId, updateViewModel);
// Assert
result.Should().NotBeNull();
result.Should().BeOfType <BadRequestObjectResult>();
}
public async Task SaveCalculation_OnSuccessfulSaveRequest_ThenResponseSentToClient()
{
// Arrange
ICalculationsApiClient calcsClient = Substitute.For <ICalculationsApiClient>();
IMapper mapper = MappingHelper.CreateFrontEndMapper();
string specificationId = "1";
string calculationId = "5";
IAuthorizationHelper authorizationHelper = TestAuthHelper.CreateAuthorizationHelperSubstitute(specificationId, SpecificationActionTypes.CanEditCalculations);
CalculationController controller = CreateCalculationController(calcsClient, mapper, authorizationHelper, resultsApiClient);
CalculationUpdateViewModel updateViewModel = new CalculationUpdateViewModel()
{
SourceCode = "Updated source code"
};
Calculation existingCalculation = new Calculation()
{
Id = calculationId,
SpecificationId = specificationId,
SourceCode = "Existing source code"
};
calcsClient
.GetCalculationById(Arg.Is(calculationId))
.Returns(new ApiResponse <Calculation>(HttpStatusCode.OK, existingCalculation));
Calculation apiResultCalculation = new Calculation()
{
Id = calculationId,
SpecificationId = specificationId,
SourceCode = updateViewModel.SourceCode
};
calcsClient
.EditCalculation(specificationId, calculationId, Arg.Any <CalculationEditModel>())
.Returns(new ValidatedApiResponse <Common.ApiClient.Calcs.Models.Calculation>(HttpStatusCode.OK, apiResultCalculation));
// Act
IActionResult result = await controller.SaveCalculation(specificationId, calculationId, updateViewModel);
// Assert
result.Should().NotBeNull();
result.Should().BeOfType <OkObjectResult>();
OkObjectResult typedResult = result as OkObjectResult;
Calculation resultCalculation = typedResult.Value as Calculation;
resultCalculation?.SourceCode.Should().Be(updateViewModel.SourceCode);
}
public async Task EditCalculationStatus_GivenUserDoesNotHaveCanApproveAnyCalculationPermission_Returns403()
{
//Arrange
string specificationId = "abc123";
string calculationId = "5";
PublishStatusEditModel model = new PublishStatusEditModel()
{
PublishStatus = PublishStatus.Approved
};
ValidatedApiResponse <Calculation> response = new ValidatedApiResponse <Calculation>(HttpStatusCode.OK, new Calculation()
{
FundingStreamId = "fs1", SpecificationId = specificationId
});
ICalculationsApiClient calcsClient = Substitute.For <ICalculationsApiClient>();
calcsClient
.GetCalculationById(Arg.Is(calculationId))
.Returns(response);
IMapper mapper = MappingHelper.CreateFrontEndMapper();
IAuthorizationHelper authorizationHelper = Substitute.For <IAuthorizationHelper>();
authorizationHelper.DoesUserHavePermission(Arg.Any <ClaimsPrincipal>(), Arg.Is(specificationId), Arg.Is(SpecificationActionTypes.CanEditCalculations))
.Returns(true);
authorizationHelper.GetUserFundingStreamPermissions(Arg.Any <ClaimsPrincipal>(), Arg.Any <string>())
.Returns(Task.FromResult(new Common.ApiClient.Users.Models.FundingStreamPermission()));
CalculationController controller = CreateCalculationController(calcsClient, mapper, authorizationHelper, resultsApiClient);
// Act
IActionResult result = await controller.ApproveCalculation(specificationId, calculationId, model);
// Assert
result.Should().BeOfType <ForbidResult>();
await authorizationHelper
.Received(1)
.DoesUserHavePermission(Arg.Any <ClaimsPrincipal>(), Arg.Is(specificationId), Arg.Is(SpecificationActionTypes.CanApproveAnyCalculations));
await authorizationHelper
.Received(1)
.DoesUserHavePermission(Arg.Any <ClaimsPrincipal>(), Arg.Is(specificationId), Arg.Is(SpecificationActionTypes.CanApproveCalculations));
}
public void RedirectToEditCalc_WhenAParameterIsNull_ShouldThrowException()
{
// Arrange
ICalculationsApiClient mockCalculationApiClient = Substitute.For <ICalculationsApiClient>();
IAuthorizationHelper mockAuthorizationHelper = TestAuthHelper.CreateAuthorizationHelperSubstitute("doesnt matter", SpecificationActionTypes.CanApproveSpecification);
IMapper mockMapper = Substitute.For <IMapper>();
CalculationController controller = new CalculationController(mockCalculationApiClient, mockMapper, mockAuthorizationHelper);
// Act
Func <Task <IActionResult> > redirectToEditCalc = async() => await controller.RedirectToEditCalc(null);
// Assert
redirectToEditCalc.Should().Throw <ArgumentException>();
}
public async Task EditCalculationStatus_GivenRequestContainsACalculationInADifferentSpecification_ReturnsError()
{
//Arrange
string specificationId = "abc123";
string calculationId = "5";
PublishStatusEditModel model = new PublishStatusEditModel()
{
PublishStatus = PublishStatus.Approved
};
ValidatedApiResponse <Calculation> response = new ValidatedApiResponse <Calculation>(HttpStatusCode.OK, new Calculation()
{
FundingStreamId = "fs1", SpecificationId = "anotherSpec"
});
ICalculationsApiClient calcsClient = Substitute.For <ICalculationsApiClient>();
calcsClient
.GetCalculationById(Arg.Is(calculationId))
.Returns(response);
IMapper mapper = MappingHelper.CreateFrontEndMapper();
IAuthorizationHelper authorizationHelper = Substitute.For <IAuthorizationHelper>();
authorizationHelper.DoesUserHavePermission(Arg.Any <ClaimsPrincipal>(), Arg.Is(specificationId), Arg.Is(SpecificationActionTypes.CanEditCalculations))
.Returns(true);
authorizationHelper.GetUserFundingStreamPermissions(Arg.Any <ClaimsPrincipal>(), Arg.Any <string>())
.Returns(Task.FromResult(new Common.ApiClient.Users.Models.FundingStreamPermission()));
CalculationController controller = CreateCalculationController(calcsClient, mapper, authorizationHelper, resultsApiClient);
// Act
IActionResult result = await controller.ApproveCalculation(specificationId, calculationId, model);
// Assert
result
.Should()
.BeOfType <PreconditionFailedResult>()
.Which
.Value
.Should()
.Be("The calculation requested is not contained within the specification requested");
}
public async Task CompilePreview_OnSuccessfulSaveRequest_ThenResponseSentToClient()
{
// Arrange
ICalculationsApiClient calcsClient = Substitute.For <ICalculationsApiClient>();
IMapper mapper = MappingHelper.CreateFrontEndMapper();
string calculationId = "5";
string specificationId = "65";
IAuthorizationHelper authorizationHelper = TestAuthHelper.CreateAuthorizationHelperSubstitute(specificationId, SpecificationActionTypes.CanEditCalculations);
CalculationController controller = CreateCalculationController(calcsClient, mapper, authorizationHelper);
PreviewCompileRequestViewModel previewViewModel = new PreviewCompileRequestViewModel()
{
SourceCode = "Updated source code",
};
PreviewCompileResult apiResultCalculation = new PreviewCompileResult()
{
CompilerOutput = new CompilerOutput()
{
Success = true,
}
};
calcsClient
.PreviewCompile(Arg.Any <PreviewCompileRequest>())
.Returns(new ApiResponse <PreviewCompileResult>(System.Net.HttpStatusCode.OK, apiResultCalculation));
// Act
IActionResult result = await controller.CompilePreview(specificationId, calculationId, previewViewModel);
// Assert
result.Should().NotBeNull();
result.Should().BeOfType <OkObjectResult>();
OkObjectResult typedResult = result as OkObjectResult;
PreviewCompileResult previewResult = typedResult.Value as PreviewCompileResult;
previewResult.CompilerOutput.Success.Should().Be(apiResultCalculation.CompilerOutput.Success);
await authorizationHelper
.DidNotReceive()
.DoesUserHavePermission(Arg.Any <ClaimsPrincipal>(), Arg.Any <string>(), Arg.Any <SpecificationActionTypes>());
}
private static CalculationController CreateCalculationController(
ICalculationsApiClient calcsClient,
IMapper mapper,
IAuthorizationHelper authorizationHelper,
IResultsApiClient resultsApiClient,
ClaimsPrincipal user = null)
{
var controller = new CalculationController(calcsClient, mapper, authorizationHelper, resultsApiClient);
controller.ControllerContext = new ControllerContext()
{
HttpContext = new DefaultHttpContext()
{
User = user
}
};
return(controller);
}
public async Task ApproveAllCalculations_GivenApproveAllCalculationsReturnsJob_ReturnsOK()
{
//Arrange
string specificationId = "abc123";
string jobId = "job123";
Job job = new Job {
Id = jobId
};
ICalculationsApiClient calcsClient = Substitute.For <ICalculationsApiClient>();
calcsClient
.QueueApproveAllSpecificationCalculations(Arg.Is(specificationId))
.Returns(new ApiResponse <Job>(HttpStatusCode.OK, job));
IMapper mapper = MappingHelper.CreateFrontEndMapper();
IAuthorizationHelper authorizationHelper = Substitute.For <IAuthorizationHelper>();
authorizationHelper.DoesUserHavePermission(Arg.Any <ClaimsPrincipal>(), Arg.Is(specificationId), Arg.Is(SpecificationActionTypes.CanApproveAllCalculations))
.Returns(true);
CalculationController controller = CreateCalculationController(calcsClient, mapper, authorizationHelper, resultsApiClient);
// Act
IActionResult result = await controller.ApproveAllCalculations(specificationId);
// Assert
result.Should().BeOfType <OkObjectResult>();
OkObjectResult okObjectResult = result as OkObjectResult;
okObjectResult.Should().NotBeNull();
okObjectResult.Value.Should().NotBeNull();
okObjectResult.Value.Should().BeOfType <Job>();
Job actualJob = okObjectResult.Value as Job;
actualJob.Id.Should().Be(jobId);
}
public async Task ApproveAllCalculations_GivenUserDoesNotHaveCanApproveAllCalculationPermission_Returns403()
{
//Arrange
string specificationId = "abc123";
ICalculationsApiClient calcsClient = Substitute.For <ICalculationsApiClient>();
IMapper mapper = MappingHelper.CreateFrontEndMapper();
IAuthorizationHelper authorizationHelper = Substitute.For <IAuthorizationHelper>();
authorizationHelper.DoesUserHavePermission(Arg.Any <ClaimsPrincipal>(), Arg.Is(specificationId), Arg.Is(SpecificationActionTypes.CanApproveAllCalculations))
.Returns(false);
CalculationController controller = CreateCalculationController(calcsClient, mapper, authorizationHelper, resultsApiClient);
// Act
IActionResult result = await controller.ApproveAllCalculations(specificationId);
// Assert
result.Should().BeOfType <ForbidResult>();
}
public async Task SaveCalculation_GivenUserDoesNotHaveEditCalculationPermission_ThenReturnForbidResult()
{
// Arrange
ICalculationsApiClient calcsClient = Substitute.For <ICalculationsApiClient>();
IMapper mapper = MappingHelper.CreateFrontEndMapper();
string specificationId = "1";
string calculationId = "5";
IAuthorizationHelper authorizationHelper = Substitute.For <IAuthorizationHelper>();
authorizationHelper.DoesUserHavePermission(Arg.Any <ClaimsPrincipal>(), Arg.Is(specificationId), Arg.Is(SpecificationActionTypes.CanEditCalculations))
.Returns(false);
CalculationController controller = CreateCalculationController(calcsClient, mapper, authorizationHelper);
CalculationUpdateViewModel updateViewModel = new CalculationUpdateViewModel()
{
SourceCode = "Updated source code"
};
Calculation apiResultCalculation = new Calculation()
{
Id = calculationId,
SpecificationId = specificationId,
SourceCode = updateViewModel.SourceCode,
};
calcsClient
.UpdateCalculation(calculationId, Arg.Any <CalculationUpdateModel>())
.Returns(new ApiResponse <Calculation>(System.Net.HttpStatusCode.OK, apiResultCalculation));
// Act
IActionResult result = await controller.SaveCalculation(specificationId, calculationId, updateViewModel);
// Assert
result.Should().BeOfType <ForbidResult>();
}
public async Task RedirectToEditCalc_WhenValidRequestAndCalculationIsFound_ShouldRedirectToEditCalculationPage()
{
// Arrange
const string calculationSpecificationId = "calcSpecId";
const string calculationIdReturned = "Calc55";
Calculation calculationReturned = new Calculation()
{
Id = calculationIdReturned
};
ValidatedApiResponse <Calculation> apiResponse = new ValidatedApiResponse <Calculation>(HttpStatusCode.OK, calculationReturned);
ICalculationsApiClient mockCalculationApiClient = Substitute.For <ICalculationsApiClient>();
mockCalculationApiClient
.GetCalculationByCalculationSpecificationId(calculationSpecificationId)
.Returns(apiResponse);
IAuthorizationHelper mockAuthorizationHelper = TestAuthHelper.CreateAuthorizationHelperSubstitute("doesnt matter", SpecificationActionTypes.CanApproveSpecification);
IMapper mockMapper = Substitute.For <IMapper>();
CalculationController controller = new CalculationController(mockCalculationApiClient, mockMapper, mockAuthorizationHelper);
// Act
IActionResult actionResult = await controller.RedirectToEditCalc(calculationSpecificationId);
// Assert
actionResult
.Should()
.BeOfType <RedirectResult>();
RedirectResult redirectResult = actionResult as RedirectResult;
redirectResult
.Url
.Should()
.EndWith($"calcs/editCalculation/{calculationIdReturned}");
}
public async Task EditCalculationStatus_GivenBadRequestStatusCodeFromApprovingCalc_ReturnsBadRequestObjectResponse()
{
//Arrange
string specificationId = "abc123";
string calculationId = "5";
PublishStatusEditModel model = new PublishStatusEditModel();
ICalculationsApiClient calcsClient = Substitute.For <ICalculationsApiClient>();
ValidatedApiResponse <PublishStatusResult> response = new ValidatedApiResponse <PublishStatusResult>(HttpStatusCode.BadRequest);
calcsClient
.UpdatePublishStatus(Arg.Is(calculationId), Arg.Is(model))
.Returns(response);
ValidatedApiResponse <Calculation> calculation = new ValidatedApiResponse <Calculation>(HttpStatusCode.OK, new Calculation()
{
FundingStreamId = "fs1", SpecificationId = specificationId
});
calcsClient
.GetCalculationById(Arg.Is(calculationId))
.Returns(calculation);
IMapper mapper = MappingHelper.CreateFrontEndMapper();
IAuthorizationHelper authorizationHelper = TestAuthHelper.CreateAuthorizationHelperSubstitute(specificationId, SpecificationActionTypes.CanApproveAnyCalculations);
CalculationController controller = CreateCalculationController(calcsClient, mapper, authorizationHelper, resultsApiClient);
IActionResult actionResult = await controller.ApproveCalculation(specificationId, calculationId, model);
actionResult
.Should()
.BeOfType <BadRequestObjectResult>();
}
public void RedirectToEditCalc_WhenValidRequestButCalculationNotFoundResult_ShouldThrowException()
{
// Arrange
const string calculationSpecificationId = "calcSpecId";
ValidatedApiResponse <Calculation> apiResponse = new ValidatedApiResponse <Calculation>(HttpStatusCode.NotFound);
ICalculationsApiClient calculationsApiClient = Substitute.For <ICalculationsApiClient>();
calculationsApiClient
.GetCalculationByCalculationSpecificationId(calculationSpecificationId)
.Returns(apiResponse);
IAuthorizationHelper mockAuthorizationHelper = TestAuthHelper.CreateAuthorizationHelperSubstitute("doesnt matter", SpecificationActionTypes.CanApproveSpecification);
IMapper mockMapper = Substitute.For <IMapper>();
CalculationController controller = new CalculationController(calculationsApiClient, mockMapper, mockAuthorizationHelper);
// Act
Func <Task <IActionResult> > redirectToEditCalc = async() => await controller.RedirectToEditCalc(calculationSpecificationId);
// Assert
redirectToEditCalc.Should().Throw <ApplicationException>();
}
public async Task EditCalculationStatus_GivenUserHaveCanApproveAnyCalculationPermissionAndCalcIsAlreadyApproved_ReturnsOK()
{
//Arrange
string specificationId = "abc123";
string calculationId = "5";
PublishStatusEditModel model = new PublishStatusEditModel()
{
PublishStatus = PublishStatus.Approved
};
ValidatedApiResponse <Calculation> response = new ValidatedApiResponse <Calculation>(HttpStatusCode.OK, new Calculation()
{
FundingStreamId = "fs1", SpecificationId = specificationId,
});
ICalculationsApiClient calcsClient = Substitute.For <ICalculationsApiClient>();
calcsClient
.GetCalculationById(Arg.Is(calculationId))
.Returns(response);
calcsClient
.UpdatePublishStatus(Arg.Is(calculationId), Arg.Is(model))
.Returns(new ValidatedApiResponse <PublishStatusResult>(HttpStatusCode.OK, new PublishStatusResult()
{
PublishStatus = PublishStatus.Approved
}));
IMapper mapper = MappingHelper.CreateFrontEndMapper();
IAuthorizationHelper authorizationHelper = Substitute.For <IAuthorizationHelper>();
authorizationHelper
.DoesUserHavePermission(Arg.Any <ClaimsPrincipal>(), Arg.Is(specificationId), Arg.Is(SpecificationActionTypes.CanApproveAnyCalculations))
.Returns(true);
CalculationController controller = CreateCalculationController(calcsClient, mapper, authorizationHelper, resultsApiClient);
// Act
IActionResult result = await controller.ApproveCalculation(specificationId, calculationId, model);
// Assert
result.Should()
.BeOfType <OkObjectResult>()
.Which
.Value
.Should()
.BeOfType <PublishStatusResult>()
.Which
.Should()
.BeEquivalentTo(new PublishStatusResult()
{
PublishStatus = PublishStatus.Approved
});
await authorizationHelper
.Received(1)
.DoesUserHavePermission(Arg.Any <ClaimsPrincipal>(), Arg.Is(specificationId), Arg.Is(SpecificationActionTypes.CanApproveAnyCalculations));
await authorizationHelper
.Received(0)
.DoesUserHavePermission(Arg.Any <ClaimsPrincipal>(), Arg.Is(specificationId), Arg.Is(SpecificationActionTypes.CanApproveCalculations));
}
public async Task EditCalculationStatus_GivenUserHaveCanApproveCalculationPermissionAndIsLastAuthor_ReturnsForbid()
{
//Arrange
string specificationId = "abc123";
string calculationId = "5";
PublishStatusEditModel model = new PublishStatusEditModel()
{
PublishStatus = PublishStatus.Approved
};
ValidatedApiResponse <Calculation> response = new ValidatedApiResponse <Calculation>(HttpStatusCode.OK, new Calculation()
{
FundingStreamId = "fs1", Author = new Reference()
{
Id = "SomeOne"
}, SpecificationId = specificationId
});
ICalculationsApiClient calcsClient = Substitute.For <ICalculationsApiClient>();
calcsClient
.GetCalculationById(Arg.Is(calculationId))
.Returns(response);
calcsClient
.UpdatePublishStatus(Arg.Is(calculationId), Arg.Is(model))
.Returns(new ValidatedApiResponse <PublishStatusResult>(HttpStatusCode.OK, new PublishStatusResult()));
var identity = Substitute.For <IIdentity>();
identity.Name.Returns("BSir");
ClaimsPrincipal user = new ClaimsPrincipal(new List <ClaimsIdentity>()
{
new ClaimsIdentity(identity,
new [] {
new Claim("http://schemas.microsoft.com/identity/claims/objectidentifier", "SomeOne"),
new Claim(ClaimTypes.GivenName, "Bob"),
new Claim(ClaimTypes.Surname, "Sir")
})
});
IMapper mapper = MappingHelper.CreateFrontEndMapper();
IAuthorizationHelper authorizationHelper = Substitute.For <IAuthorizationHelper>();
authorizationHelper.DoesUserHavePermission(Arg.Any <ClaimsPrincipal>(), Arg.Is(specificationId), Arg.Is(SpecificationActionTypes.CanApproveCalculations))
.Returns(true);
CalculationController controller = CreateCalculationController(calcsClient, mapper, authorizationHelper, resultsApiClient, user);
// Act
IActionResult result = await controller.ApproveCalculation(specificationId, calculationId, model);
// Assert
result.Should()
.BeOfType <ForbidResult>();
await authorizationHelper
.Received(1)
.DoesUserHavePermission(Arg.Is(user), Arg.Is(specificationId), Arg.Is(SpecificationActionTypes.CanApproveAnyCalculations));
await authorizationHelper
.Received(1)
.DoesUserHavePermission(Arg.Is(user), Arg.Is(specificationId), Arg.Is(SpecificationActionTypes.CanApproveCalculations));
}
