public async Task UpdateFundingStreamPermission()
{
string userId = NewRandomString();
string fundingStreamId = NewRandomString();
FundingStreamPermissionUpdateModel model = new FundingStreamPermissionUpdateModel();
await AssertPutRequest($"{userId}/permissions/{fundingStreamId}",
model,
new FundingStreamPermission(),
() => _client.UpdateFundingStreamPermission(userId, fundingStreamId, model));
}
public void GivenTheUserHasTheFollowingPermissionsForFundingStream(string userId, string fundingStreamId, Table table)
{
FundingStreamPermissionUpdateModel fundingStreamPermission = table.CreateInstance <FundingStreamPermissionUpdateModel>();
PermissionsHelper helper = new PermissionsHelper();
UserPermission userPermission = new UserPermission()
{
FundingStreamId = fundingStreamId,
Permissions = fundingStreamPermission,
UserId = userId,
};
helper.ApplyPermissions(userPermission).Wait();
}
public async Task UpdatePermissionForUser_WhenPermissionsAreSetOnAFundingStreamAndNoneHaveBeenSetBefore_ThenPermissionsSaved()
{
// Arrange
IUserRepository userRepository = CreateUserRepository();
User user = new User()
{
UserId = UserId
};
userRepository
.GetUserById(Arg.Is(UserId))
.Returns(user);
FundingStreamPermission existingPermission = null;
userRepository
.GetFundingStreamPermission(Arg.Is(UserId), Arg.Is(FundingStreamId))
.Returns(existingPermission);
userRepository
.UpdateFundingStreamPermission(Arg.Any <FundingStreamPermission>())
.Returns(HttpStatusCode.Created);
ICacheProvider cacheProvider = CreateCacheProvider();
FundingStreamPermissionUpdateModel updateModel = new FundingStreamPermissionUpdateModel()
{
CanApproveFunding = true,
CanChooseFunding = false,
CanCreateSpecification = false,
CanEditCalculations = false,
CanEditSpecification = false,
CanMapDatasets = false,
CanReleaseFunding = false,
CanCreateTemplates = true,
CanEditTemplates = true,
CanDeleteTemplates = true,
CanApproveTemplates = true,
CanCreateProfilePattern = true,
CanEditProfilePattern = true,
CanDeleteProfilePattern = true,
CanAssignProfilePattern = false,
CanApplyCustomProfilePattern = false,
CanApproveCalculations = true,
CanApproveAnyCalculations = false,
CanApproveAllCalculations = false
};
IVersionRepository <FundingStreamPermissionVersion> versionRepository = CreateFundingStreamPermissionRepository();
versionRepository
.GetNextVersionNumber(Arg.Any <FundingStreamPermissionVersion>(), 0, Arg.Is(UserId))
.Returns(1);
FundingStreamPermissionService service = CreateService(
userRepository,
cacheProvider: cacheProvider,
fundingStreamPermissionVersionRepository: versionRepository);
// Act
IActionResult result = await service.UpdatePermissionForUser(UserId, FundingStreamId, updateModel, null);
// Assert
result
.Should()
.BeOfType <OkObjectResult>()
.Which
.Value
.Should()
.BeEquivalentTo <FundingStreamPermissionCurrent>(new FundingStreamPermissionCurrent()
{
UserId = UserId,
FundingStreamId = FundingStreamId,
CanApproveFunding = true,
CanChooseFunding = false,
CanCreateSpecification = false,
CanEditCalculations = false,
CanEditSpecification = false,
CanMapDatasets = false,
CanReleaseFunding = false,
CanCreateTemplates = true,
CanEditTemplates = true,
CanDeleteTemplates = true,
CanApproveTemplates = true,
CanCreateProfilePattern = true,
CanEditProfilePattern = true,
CanDeleteProfilePattern = true,
CanAssignProfilePattern = false,
CanApplyCustomProfilePattern = false,
CanApproveCalculations = true,
CanApproveAnyCalculations = false,
CanApproveAllCalculations = false,
});
await userRepository
.Received(1)
.UpdateFundingStreamPermission(Arg.Is <FundingStreamPermission>(p =>
p.FundingStreamId == FundingStreamId &&
p.UserId == UserId &&
p.CanApproveFunding &&
!p.CanChooseFunding &&
!p.CanCreateSpecification &&
!p.CanEditCalculations &&
!p.CanEditSpecification &&
!p.CanMapDatasets &&
!p.CanReleaseFunding &&
p.CanCreateTemplates &&
p.CanEditTemplates &&
p.CanDeleteTemplates &&
p.CanApproveTemplates &&
p.CanCreateProfilePattern &&
p.CanEditProfilePattern &&
p.CanDeleteProfilePattern &&
!p.CanAssignProfilePattern &&
!p.CanApplyCustomProfilePattern &&
p.CanApproveCalculations &&
!p.CanApproveAnyCalculations &&
!p.CanApproveAllCalculations
));
await cacheProvider
.Received(1)
.DeleteHashSet(Arg.Is($"{CacheKeys.EffectivePermissions}:{UserId}"));
await versionRepository
.Received(1)
.GetNextVersionNumber(Arg.Is <FundingStreamPermissionVersion>(v => v.EntityId == $"{UserId}_{FundingStreamId}"), partitionKeyId: Arg.Is(UserId));
await versionRepository
.Received(1)
.SaveVersion(Arg.Is <FundingStreamPermissionVersion>(v =>
v.EntityId == $"{UserId}_{FundingStreamId}" &&
v.Version == 1
), Arg.Is(UserId));
}
public async Task UpdatePermissionForUser_WhenSavingPermissionsFails_ThenInternalServerErrorReturned()
{
// Arrange
IUserRepository userRepository = CreateUserRepository();
User user = new User()
{
UserId = UserId
};
userRepository
.GetUserById(Arg.Is(UserId))
.Returns(user);
FundingStreamPermission existingPermission = new FundingStreamPermission()
{
UserId = UserId,
FundingStreamId = FundingStreamId,
CanApproveFunding = true,
CanChooseFunding = false,
CanCreateSpecification = false,
CanEditCalculations = false,
CanEditSpecification = false,
CanMapDatasets = false,
CanReleaseFunding = false,
CanCreateProfilePattern = false,
CanEditProfilePattern = false,
CanDeleteProfilePattern = false,
CanAssignProfilePattern = false,
CanApplyCustomProfilePattern = false,
CanApproveCalculations = true,
CanApproveAnyCalculations = false,
CanApproveAllCalculations = false
};
userRepository
.GetFundingStreamPermission(Arg.Is(UserId), Arg.Is(FundingStreamId))
.Returns(existingPermission);
userRepository
.UpdateFundingStreamPermission(Arg.Any <FundingStreamPermission>())
.Returns(HttpStatusCode.InternalServerError);
ICacheProvider cacheProvider = CreateCacheProvider();
FundingStreamPermissionUpdateModel updateModel = new FundingStreamPermissionUpdateModel()
{
CanApproveFunding = true,
CanChooseFunding = true,
CanCreateSpecification = false,
CanEditCalculations = false,
CanEditSpecification = false,
CanMapDatasets = false,
CanReleaseFunding = false,
CanCreateProfilePattern = false,
CanEditProfilePattern = false,
CanDeleteProfilePattern = false,
CanAssignProfilePattern = false,
CanApplyCustomProfilePattern = false,
CanApproveCalculations = false,
CanApproveAnyCalculations = true,
CanApproveAllCalculations = true
};
FundingStreamPermissionService service = CreateService(userRepository, cacheProvider: cacheProvider);
// Act
IActionResult result = await service.UpdatePermissionForUser(UserId, FundingStreamId, updateModel, null);
// Assert
result
.Should()
.BeOfType <InternalServerErrorResult>()
.Which
.Value
.Should()
.Be("Saving funding stream permission to repository returned 'InternalServerError'");
await userRepository
.Received(1)
.UpdateFundingStreamPermission(Arg.Any <FundingStreamPermission>());
await cacheProvider
.Received(0)
.DeleteHashSet(Arg.Is($"{CacheKeys.EffectivePermissions}:{UserId}"));
}
public async Task <ValidatedApiResponse <FundingStreamPermission> > UpdateFundingStreamPermission(string userId, string fundingStreamId, FundingStreamPermissionUpdateModel permissions)
{
Guard.IsNullOrWhiteSpace(userId, nameof(userId));
Guard.IsNullOrWhiteSpace(fundingStreamId, nameof(fundingStreamId));
Guard.ArgumentNotNull(permissions, nameof(permissions));
return(await ValidatedPutAsync <FundingStreamPermission, FundingStreamPermissionUpdateModel>($"api/users/{userId}/permissions/{fundingStreamId}", permissions));
}
public async Task <IActionResult> UpdatePermissionForUser(string userId, string fundingStreamId, FundingStreamPermissionUpdateModel updateModel, Reference author)
{
if (string.IsNullOrWhiteSpace(userId))
{
return(new BadRequestObjectResult($"{nameof(userId)} is empty or null"));
}
if (string.IsNullOrWhiteSpace(fundingStreamId))
{
return(new BadRequestObjectResult($"{nameof(fundingStreamId)} is empty or null"));
}
User user = await _userRepositoryPolicy.ExecuteAsync(() => _userRepository.GetUserById(userId));
if (user == null)
{
return(new PreconditionFailedResult("userId not found"));
}
FundingStreamPermission existingPermissions = await _userRepositoryPolicy.ExecuteAsync(() => _userRepository.GetFundingStreamPermission(userId, fundingStreamId));
FundingStreamPermission newPermissions = _mapper.Map <FundingStreamPermissionUpdateModel, FundingStreamPermission>(updateModel);
newPermissions.FundingStreamId = fundingStreamId;
newPermissions.UserId = userId;
if (existingPermissions == null || !existingPermissions.HasSamePermissions(newPermissions))
{
HttpStatusCode saveResult = await _userRepositoryPolicy.ExecuteAsync(() => _userRepository.UpdateFundingStreamPermission(newPermissions));
if (saveResult != HttpStatusCode.OK && saveResult != HttpStatusCode.Created)
{
return(new InternalServerErrorResult($"Saving funding stream permission to repository returned '{saveResult}'"));
}
FundingStreamPermissionVersion version = new FundingStreamPermissionVersion()
{
Author = author,
Permission = newPermissions,
PublishStatus = Models.Versioning.PublishStatus.Updated,
Date = DateTimeOffset.Now,
UserId = userId,
};
version.Version = await _fundingStreamPermissionVersionRepositoryPolicy.ExecuteAsync(() => _fundingStreamPermissionVersionRepository.GetNextVersionNumber(version, partitionKeyId: userId));
await _fundingStreamPermissionVersionRepositoryPolicy.ExecuteAsync(() => _fundingStreamPermissionVersionRepository.SaveVersion(version, userId));
await ClearEffectivePermissionsForUser(userId);
}
return(new OkObjectResult(_mapper.Map <FundingStreamPermissionCurrent>(newPermissions)));
}
public async Task <IActionResult> RunUpdatePermissionForUser([FromRoute] string userId, [FromRoute] string fundingStreamId, [FromBody] FundingStreamPermissionUpdateModel fundingStreamPermissionUpdateModel)
{
Reference user = ControllerContext.HttpContext.Request.GetUser();
return(await _fundingStreamPermissionService.UpdatePermissionForUser(userId, fundingStreamId, fundingStreamPermissionUpdateModel, user));
}
public async Task UpdatePermissionForUser_WhenPermissionsAreSetOnAFundingStreamAndNoneHaveBeenSetBefore_ThenPermissionsSaved()
{
// Arrange
IUserRepository userRepository = CreateUserRepository();
User user = new User()
{
UserId = UserId
};
userRepository
.GetUserById(Arg.Is(UserId))
.Returns(user);
FundingStreamPermission existingPermission = null;
userRepository
.GetFundingStreamPermission(Arg.Is(UserId), Arg.Is(FundingStreamId))
.Returns(existingPermission);
userRepository
.UpdateFundingStreamPermission(Arg.Any <FundingStreamPermission>())
.Returns(HttpStatusCode.Created);
ICacheProvider cacheProvider = CreateCacheProvider();
FundingStreamPermissionUpdateModel updateModel = new FundingStreamPermissionUpdateModel()
{
CanApproveFunding = true,
CanChooseFunding = false,
CanCreateSpecification = false,
CanEditCalculations = false,
CanEditSpecification = false,
CanMapDatasets = false,
CanPublishFunding = false,
};
string json = JsonConvert.SerializeObject(updateModel);
byte[] byteArray = Encoding.UTF8.GetBytes(json);
MemoryStream stream = new MemoryStream(byteArray);
HttpRequest request = Substitute.For <HttpRequest>();
request
.Body
.Returns(stream);
IVersionRepository <FundingStreamPermissionVersion> versionRepository = CreateFundingStreamPermissionRepository();
versionRepository
.GetNextVersionNumber(Arg.Any <FundingStreamPermissionVersion>(), 0, Arg.Is(UserId))
.Returns(1);
FundingStreamPermissionService service = CreateService(
userRepository,
cacheProvider: cacheProvider,
fundingStreamPermissionVersionRepository: versionRepository);
// Act
IActionResult result = await service.UpdatePermissionForUser(UserId, FundingStreamId, request);
// Assert
result
.Should()
.BeOfType <OkObjectResult>()
.Which
.Value
.Should()
.BeEquivalentTo <FundingStreamPermissionCurrent>(new FundingStreamPermissionCurrent()
{
UserId = UserId,
FundingStreamId = FundingStreamId,
CanApproveFunding = true,
CanChooseFunding = false,
CanCreateSpecification = false,
CanEditCalculations = false,
CanEditSpecification = false,
CanMapDatasets = false,
CanPublishFunding = false,
});
await userRepository
.Received(1)
.UpdateFundingStreamPermission(Arg.Is <FundingStreamPermission>(p =>
p.FundingStreamId == FundingStreamId &&
p.UserId == UserId &&
p.CanApproveFunding &&
!p.CanChooseFunding &&
!p.CanCreateSpecification &&
!p.CanEditCalculations &&
!p.CanEditSpecification &&
!p.CanMapDatasets &&
!p.CanPublishFunding
));
await cacheProvider
.Received(1)
.DeleteHashSet(Arg.Is($"{CacheKeys.EffectivePermissions}:{UserId}"));
await versionRepository
.Received(1)
.GetNextVersionNumber(Arg.Is <FundingStreamPermissionVersion>(v => v.EntityId == $"{UserId}_{FundingStreamId}"), partitionKeyId: Arg.Is(UserId));
await versionRepository
.Received(1)
.SaveVersion(Arg.Is <FundingStreamPermissionVersion>(v =>
v.EntityId == $"{UserId}_{FundingStreamId}" &&
v.Version == 1
), Arg.Is(UserId));
}
public async Task UpdatePermissionForUser_WhenSavingPermissionsFails_ThenInternalServerErrorReturned()
{
// Arrange
IUserRepository userRepository = CreateUserRepository();
User user = new User()
{
UserId = UserId
};
userRepository
.GetUserById(Arg.Is(UserId))
.Returns(user);
FundingStreamPermission existingPermission = new FundingStreamPermission()
{
UserId = UserId,
FundingStreamId = FundingStreamId,
CanApproveFunding = true,
CanChooseFunding = false,
CanCreateSpecification = false,
CanEditCalculations = false,
CanEditSpecification = false,
CanMapDatasets = false,
CanPublishFunding = false,
};
userRepository
.GetFundingStreamPermission(Arg.Is(UserId), Arg.Is(FundingStreamId))
.Returns(existingPermission);
userRepository
.UpdateFundingStreamPermission(Arg.Any <FundingStreamPermission>())
.Returns(HttpStatusCode.InternalServerError);
ICacheProvider cacheProvider = CreateCacheProvider();
FundingStreamPermissionUpdateModel updateModel = new FundingStreamPermissionUpdateModel()
{
CanApproveFunding = true,
CanChooseFunding = true,
CanCreateSpecification = false,
CanEditCalculations = false,
CanEditSpecification = false,
CanMapDatasets = false,
CanPublishFunding = false,
};
string json = JsonConvert.SerializeObject(updateModel);
byte[] byteArray = Encoding.UTF8.GetBytes(json);
MemoryStream stream = new MemoryStream(byteArray);
HttpRequest request = Substitute.For <HttpRequest>();
request
.Body
.Returns(stream);
FundingStreamPermissionService service = CreateService(userRepository, cacheProvider: cacheProvider);
// Act
IActionResult result = await service.UpdatePermissionForUser(UserId, FundingStreamId, request);
// Assert
result
.Should()
.BeOfType <InternalServerErrorResult>()
.Which
.Value
.Should()
.Be("Saving funding stream permission to repository returned 'InternalServerError'");
await userRepository
.Received(1)
.UpdateFundingStreamPermission(Arg.Any <FundingStreamPermission>());
await cacheProvider
.Received(0)
.DeleteHashSet(Arg.Is($"{CacheKeys.EffectivePermissions}:{UserId}"));
}
