public static IDomainQuery <T> ByOrganizationId <T>(int organizationId, OrganizationDataReadAccessLevel accessLevel)
{
var hasOrganization = typeof(IOwnedByOrganization).IsAssignableFrom(typeof(T));
var hasAccessModifier = typeof(IHasAccessModifier).IsAssignableFrom(typeof(T));
if (!hasOrganization)
{
return(new RejectAllResultsQuery <T>());
}
var queries = new List <IDomainQuery <T> >
{
ByOrganizationId <T>(organizationId)
};
switch (accessLevel)
{
case OrganizationDataReadAccessLevel.Public when hasAccessModifier:
queries.Add(ByPublicAccessModifier <T>());
break;
case OrganizationDataReadAccessLevel.All:
break;
default:
return(new RejectAllResultsQuery <T>());
}
return(new IntersectionQuery <T>(queries));
}
public void Cannot_GetAssignableOptions_OrganizationAccess(OrganizationDataReadAccessLevel readAccessLevel)
{
//Arrange
var organizationId = A <int>();
ExpectOrganizationReadAccess(organizationId, readAccessLevel);
//Act
var assignableOptionsResult = _sut.GetAssignableDataProcessingRegistrationOptions(organizationId);
//Assert
Assert.True(assignableOptionsResult.Failed);
Assert.Equal(OperationFailure.Forbidden, assignableOptionsResult.Error.FailureType);
}
public void GetRelationsDefinedInOrganization_Returns_Forbidden(OrganizationDataReadAccessLevel accessLevelInOrganization)
{
//Arrange
var organizationId = A <int>();
const int pageNumber = 0;
const int pageSize = 100;
ExpectGetOrganizationReadAccessReturns(organizationId, accessLevelInOrganization);
//Act
var relations = _sut.GetRelationsDefinedInOrganization(organizationId, pageNumber, pageSize);
//Assert
Assert.False(relations.Ok);
Assert.Equal(OperationFailure.Forbidden, relations.Error.FailureType);
}
public static IQueryable <T> ByOrganizationDataAndPublicDataFromOtherOrganizations <T>(
this IQueryable <T> result,
int organizationId,
OrganizationDataReadAccessLevel organizationAccessLevel,
CrossOrganizationDataReadAccessLevel crossOrganizationDataReadAccessLevel)
where T : class, IHasAccessModifier, IOwnedByOrganization
{
var domainQueries = new List <IDomainQuery <T> >();
/****************/
/***MAIN QUERY***/
/****************/
if (organizationAccessLevel >= OrganizationDataReadAccessLevel.Public)
{
if (crossOrganizationDataReadAccessLevel >= CrossOrganizationDataReadAccessLevel.Public)
{
domainQueries.Add(new QueryByPublicAccessOrOrganizationId <T>(organizationId));
}
else
{
domainQueries.Add(new QueryByOrganizationId <T>(organizationId));
}
//Refine to public data only for the organization in question
if (organizationAccessLevel == OrganizationDataReadAccessLevel.Public)
{
domainQueries.Add(new QueryByAccessModifier <T>(AccessModifier.Public));
}
}
else
{
domainQueries.Add(new RejectAllResultsQuery <T>());
}
return(new IntersectionQuery <T>(domainQueries).Apply(result));
}
private void ExpectOrganizationalAccessLevel(int organizationId, OrganizationDataReadAccessLevel accessLevel)
{
_authorizationContext.Setup(x => x.GetOrganizationReadAccessLevel(organizationId)).Returns(accessLevel);
}
private static OrganizationDataQueryParameters CreateExpectedQuery(bool getPublic, CrossOrganizationDataReadAccessLevel crossOrganizationDataReadAccessLevel, OrganizationDataReadAccessLevel organizationDataReadAccess, int organizationId)
{
return(new OrganizationDataQueryParameters(organizationId,
getPublic
? OrganizationDataQueryBreadth.IncludePublicDataFromOtherOrganizations
: OrganizationDataQueryBreadth.TargetOrganization,
new DataAccessLevel(crossOrganizationDataReadAccessLevel, organizationDataReadAccess)));
}
public void GetUnusedItSystemsByOrganization_Returns_RequestedAmount_OrderedBy_Name(int amount, bool getPublic, CrossOrganizationDataReadAccessLevel crossOrganizationDataReadAccessLevel, OrganizationDataReadAccessLevel organizationDataReadAccess)
{
//Arrange
var prefix = A <string>();
var organizationId = A <int>();
ExpectOrganizationalAccessLevel(organizationId, organizationDataReadAccess);
ExpectCrossLevelOrganizationAccess(crossOrganizationDataReadAccessLevel);
var expectedQuery = CreateExpectedQuery(getPublic, crossOrganizationDataReadAccessLevel, organizationDataReadAccess, organizationId);
//Create double the amount of requested to check that amount is limited by requested number.
var resultSet = CreateItSystemSequenceWithNamePrefix(amount * 2, prefix);
ExpectGetUnusedSystemsReturns(expectedQuery, resultSet.AsQueryable());
//Act
var result = _sut.GetUnusedItSystemsByOrganization(organizationId, prefix, amount, getPublic);
//Assert + requested amount returned and in the right order
Assert.True(result.Ok);
var itSystems = result.Value.ToList();
Assert.Equal(amount, itSystems.Count);
Assert.True(resultSet.OrderBy(x => x.Name).Take(amount).SequenceEqual(itSystems));
}
public void GetAvailableOptions_Returns_Forbidden_If_Not_OrganizationDataReadAccessLevel_Is_All(OrganizationDataReadAccessLevel authContextReturn)
{
//Arrange
var uuid = Guid.NewGuid();
var orgId = A <int>();
_organizationRepository.Setup(x => x.GetByUuid(uuid)).Returns(new Organization()
{
Id = orgId
});
_authorizationContext.Setup(x => x.GetOrganizationReadAccessLevel(orgId)).Returns(authContextReturn);
//Act
var businessTypes = _sut.GetOptionTypes(uuid);
//Assert
Assert.True(businessTypes.Failed);
Assert.Equal(OperationFailure.Forbidden, businessTypes.Error.FailureType);
}
public static IQueryable <T> ByOrganizationId <T>(this IQueryable <T> result, int organizationId, OrganizationDataReadAccessLevel accessLevel) where T :
class,
IOwnedByOrganization
{
return(QueryFactory.ByOrganizationId <T>(organizationId, accessLevel).Apply(result));
}
[InlineData(false, false, true, true, false, OrganizationDataReadAccessLevel.All)] //Part of the organization always grants full access to that organization
public void GetOrganizationReadAccessLevel_Returns(bool isGlobalAdmin, bool isRightsHolder, bool hasStakeHolderAccess, bool isActiveInOrganization, bool isMunicipality, OrganizationDataReadAccessLevel expectedResult)
{
//Arrange
var targetOrganization = A <int>();
ExpectUserIsGlobalAdmin(isGlobalAdmin);
ExpectUserHasStakeHolderAccess(hasStakeHolderAccess);
ExpectUserHasRoleIn(targetOrganization, isActiveInOrganization);
ExpectUserHasRoleInOrganizationOfType(OrganizationCategory.Municipality, isMunicipality);
ExpectUserHasRoleInAnyOrganization(OrganizationRole.RightsHolderAccess, isRightsHolder);
//Act
var hasAccess = _sut.GetOrganizationReadAccessLevel(targetOrganization);
//Assert
Assert.Equal(expectedResult, hasAccess);
}
private void ExpectGetOrganizationalReadAccessReturns(int orgKey, OrganizationDataReadAccessLevel result)
{
_authorizationContext.Setup(x => x.GetOrganizationReadAccessLevel(orgKey))
.Returns(result);
}
public DataAccessLevel(CrossOrganizationDataReadAccessLevel crossOrganizational, OrganizationDataReadAccessLevel currentOrganization)
{
CrossOrganizational = crossOrganizational;
CurrentOrganization = currentOrganization;
}
