Example #1
        /// <summary>
        /// Checks that <c>OnAuthorizationAsync</c> leaves <c>Result</c> unset when the
        /// request principal carries only an unauthenticated identity.
        /// </summary>
        /// <remarks>
        /// NOTE(review): a null <c>Result</c> means the filter did not short-circuit the
        /// request, so this filter on its own does not reject anonymous callers.
        /// Presumably authentication is enforced elsewhere in the pipeline (for example
        /// an authorization policy on the controller) - confirm that every endpoint
        /// carrying this filter also requires an authenticated user.
        /// </remarks>
        public async Task WhenUserIsNotAuthenticatedThenResultShouldntBeSet()
        {
            var filter = new CrudApiFilterAttribute("R1", ResourceAccessRight.Create);

            // GenericIdentity with an empty name reports IsAuthenticated == false,
            // which is what makes this principal "not authenticated".
            var anonymousPrincipal = new ClaimsPrincipal(new GenericIdentity("", "BB"));
            var httpContext        = new DefaultHttpContext { User = anonymousPrincipal };
            var actionContext      = new ActionContext(httpContext, new RouteData(), new ActionDescriptor());
            var filterContext      = new AuthorizationFilterContext(actionContext, new List<IFilterMetadata>());

            await filter.OnAuthorizationAsync(filterContext).ConfigureAwait(false);

            // No result was written, i.e. the filter neither challenged nor forbade.
            filterContext.Result.ShouldBeNull();
        }
Example #2
        /// <summary>
        /// Checks that a user holding a claim for the concrete sub-resource, with the
        /// required right included in the claim value, passes the filter
        /// (<c>Result</c> stays unset).
        /// </summary>
        /// <remarks>
        /// NOTE(review): this covers the allow path only. A companion test where the
        /// claim names a different lock id, or grants only <c>Read</c>, should assert
        /// that <c>Result</c> is set, otherwise a filter that never denies would also
        /// pass here.
        /// </remarks>
        public async Task WhenUserHasAccessToSubResourceThenFilterShouldPass()
        {
            var filter = new CrudApiFilterAttribute("Locks@{lockId}", ResourceAccessRight.Update);

            // The claim type is the resource template with lockId already substituted;
            // the claim value is the granted rights encoded as their integer flag value.
            var grantedRights = ResourceAccessRight.Update | ResourceAccessRight.Read;
            var identity      = new GenericIdentity("User_1", "Normal");

            identity.AddClaim(new Claim("Locks@123AdS", ((int)grantedRights).ToString()));

            // lockId matches the claim above; userId is not referenced by the template
            // (presumably present to show unrelated route values are ignored - confirm).
            var routeValues = RouteValueDictionary.FromArray(new[]
            {
                new KeyValuePair<string, object>("lockId", "123AdS"),
                new KeyValuePair<string, object>("userId", "14")
            });

            var httpContext   = new DefaultHttpContext { User = new ClaimsPrincipal(identity) };
            var actionContext = new ActionContext(httpContext, new RouteData(routeValues), new ActionDescriptor());
            var filterContext = new AuthorizationFilterContext(actionContext, new List<IFilterMetadata>());

            await filter.OnAuthorizationAsync(filterContext).ConfigureAwait(false);

            // Unset result: the filter did not short-circuit the request.
            filterContext.Result.ShouldBeNull();
        }