Example #1
0
        public void CanDelegateAccessSelfAssessment_returns_true_with_no_completed_or_removed_assessments()
        {
            // Given
            var candidateAssessments = Builder <CandidateAssessment> .CreateListOfSize(5).All()
                                       .With(ca => ca.CompletedDate = null)
                                       .With(ca => ca.RemovedDate   = null)
                                       .Build().ToList();

            A.CallTo(() => selfAssessmentDataService.GetCandidateAssessments(A <int> ._, A <int> ._))
            .Returns(candidateAssessments);

            // When
            var result = selfAssessmentService.CanDelegateAccessSelfAssessment(1, 1);

            // Then
            result.Should().BeTrue();
        }
        public void Returns_Redirect_to_access_denied_if_delegate_does_not_have_self_assessment()
        {
            // Given
            var context = GetDefaultContext();

            A.CallTo(() => selfAssessmentService.CanDelegateAccessSelfAssessment(A <int> ._, A <int> ._)).Returns(false);

            // When
            new VerifyDelegateUserCanAccessSelfAssessment(selfAssessmentService, logger).OnActionExecuting(context);

            // Then
            using (new AssertionScope())
            {
                context.Result.Should().BeRedirectToActionResult().WithActionName("AccessDenied")
                .WithControllerName("LearningSolutions");
            }
        }
        public void OnActionExecuting(ActionExecutingContext context)
        {
            if (!(context.Controller is Controller controller))
            {
                return;
            }

            var selfAssessmentId        = int.Parse(context.RouteData.Values["selfAssessmentId"].ToString() !);
            var delegateId              = controller.User.GetCandidateIdKnownNotNull();
            var canAccessSelfAssessment =
                selfAssessmentService.CanDelegateAccessSelfAssessment(delegateId, selfAssessmentId);

            if (!canAccessSelfAssessment)
            {
                logger.LogWarning(
                    $"Attempt to display self assessment results for candidate {delegateId} with no self assessment"
                    );
                context.Result = new RedirectToActionResult("AccessDenied", "LearningSolutions", new { });
            }
        }