public void OnAuthorizationHooksCacheValidationIfUserAuthorized()
{
// Arrange
Mock <AuthorizeAttributeHelper> mockHelper = new Mock <AuthorizeAttributeHelper>()
{
CallBase = true
};
mockHelper.Setup(h => h.PublicAuthorizeCore(It.IsAny <HttpContextBase>())).Returns(true);
AuthorizeAttributeHelper helper = mockHelper.Object;
MethodInfo callbackMethod = typeof(AuthorizeAttribute).GetMethod("CacheValidateHandler", BindingFlags.Instance | BindingFlags.NonPublic);
Mock <AuthorizationContext> mockFilterContext = new Mock <AuthorizationContext>();
mockFilterContext.Setup(c => c.HttpContext.Response.Cache.SetProxyMaxAge(new TimeSpan(0))).Verifiable();
mockFilterContext.Setup(c => c.HttpContext.Items).Returns(new Hashtable());
mockFilterContext
.Setup(c => c.HttpContext.Response.Cache.AddValidationCallback(It.IsAny <HttpCacheValidateHandler>(), null /* data */))
.Callback(
delegate(HttpCacheValidateHandler handler, object data)
{
Assert.Equal(helper, handler.Target);
Assert.Equal(callbackMethod, handler.Method);
})
.Verifiable();
mockFilterContext.Setup(c => c.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true)).Returns(false);
AuthorizationContext filterContext = mockFilterContext.Object;
// Act
helper.OnAuthorization(filterContext);
// Assert
mockFilterContext.Verify();
}
public void OnAuthorizationReturnsWithNoResultIfAllowAnonymousAttributeIsDefinedOnController()
{
// Arrange
Mock <AuthorizeAttributeHelper> mockHelper = new Mock <AuthorizeAttributeHelper>()
{
CallBase = true
};
AuthorizeAttributeHelper helper = mockHelper.Object;
Mock <AuthorizationContext> mockFilterContext = new Mock <AuthorizationContext>();
mockFilterContext.Setup(c => c.HttpContext.Items).Returns(new Hashtable());
mockFilterContext
.Setup(
c =>
c.ActionDescriptor.ControllerDescriptor.IsDefined(
typeof(AllowAnonymousAttribute),
true
)
)
.Returns(true);
// Act
helper.OnAuthorization(mockFilterContext.Object);
// Assert
Assert.Null(mockFilterContext.Object.Result);
mockHelper.Verify(
h => h.PublicAuthorizeCore(It.IsAny <HttpContextBase>()),
Times.Never()
);
}
public void OnAuthorizationFailedSetsHttpUnauthorizedResultIfUserUnauthorized()
{
// Arrange
Mock <AuthorizeAttributeHelper> mockHelper = new Mock <AuthorizeAttributeHelper>()
{
CallBase = true
};
mockHelper
.Setup(h => h.PublicAuthorizeCore(It.IsAny <HttpContextBase>()))
.Returns(false);
AuthorizeAttributeHelper helper = mockHelper.Object;
AuthorizationContext filterContext =
new Mock <AuthorizationContext>()
{
DefaultValue = DefaultValue.Mock
}.Object;
// Act
helper.OnAuthorization(filterContext);
// Assert
Assert.IsType <HttpUnauthorizedResult>(filterContext.Result);
}
public void OnAuthorizationCancelsRequestIfUserUnauthorized()
{
// Arrange
Mock <AuthorizeAttributeHelper> mockHelper = new Mock <AuthorizeAttributeHelper>()
{
CallBase = true
};
mockHelper.Expect(h => h.PublicAuthorizeCore(It.IsAny <HttpContextBase>())).Returns(false);
AuthorizeAttributeHelper helper = mockHelper.Object;
AuthorizationContext filterContext = new Mock <AuthorizationContext>()
{
DefaultValue = DefaultValue.Mock
}.Object;
// Act
helper.OnAuthorization(filterContext);
// Assert
Assert.IsInstanceOfType(filterContext.Result, typeof(HttpUnauthorizedResult));
}
