public async Task When_Authorization_Policy_Is_Updated_Then_True_Is_Returned() { // ARRANGE var updatePolicyParameter = new UpdatePolicyParameter { PolicyId = "valid_policy_id", Rules = new List <UpdatePolicyRuleParameter> { new UpdatePolicyRuleParameter { Claims = new List <AddClaimParameter> { new AddClaimParameter { Type = "type", Value = "value" } }, Scopes = new List <string> { "scope" } } } }; InitializeFakeObjects(); _repositoryExceptionHelperStub.Setup(r => r.HandleException( string.Format(ErrorDescriptions.TheAuthorizationPolicyCannotBeRetrieved, updatePolicyParameter.PolicyId), It.IsAny <Func <Task <Policy> > >())).Returns(Task.FromResult(new Policy { ResourceSetIds = new List <string> { "resource_id" } })); _repositoryExceptionHelperStub.Setup(r => r.HandleException( string.Format(ErrorDescriptions.TheAuthorizationPolicyCannotBeUpdated, updatePolicyParameter.PolicyId), It.IsAny <Func <Task <bool> > >())).Returns(Task.FromResult(true)); _resourceSetRepositoryStub.Setup(r => r.Get(It.IsAny <string>())).Returns(Task.FromResult(new ResourceSet { Scopes = new List <string> { "scope" } })); // ACT var result = await _updatePolicyAction.Execute(updatePolicyParameter); // ASSERT Assert.True(result); }
public async Task <bool> Execute(UpdatePolicyParameter updatePolicyParameter) { if (updatePolicyParameter == null) { throw new ArgumentNullException(nameof(updatePolicyParameter)); } if (string.IsNullOrWhiteSpace(updatePolicyParameter.PolicyId)) { throw new BaseUmaException(ErrorCodes.InvalidRequestCode, string.Format(ErrorDescriptions.TheParameterNeedsToBeSpecified, "id")); } _umaServerEventSource.StartUpdateAuthorizationPolicy(JsonConvert.SerializeObject(updatePolicyParameter)); var policy = await _repositoryExceptionHelper.HandleException( string.Format(ErrorDescriptions.TheAuthorizationPolicyCannotBeRetrieved, updatePolicyParameter.PolicyId), () => _policyRepository.Get(updatePolicyParameter.PolicyId)); if (policy == null) { return(false); } foreach (var resourceSetId in policy.ResourceSetIds) { var resourceSet = await _resourceSetRepository.Get(resourceSetId).ConfigureAwait(false); if (updatePolicyParameter.Scopes.Any(r => !resourceSet.Scopes.Contains(r))) { throw new BaseUmaException(ErrorCodes.InvalidScope, ErrorDescriptions.OneOrMoreScopesDontBelongToAResourceSet); } } policy.Scopes = updatePolicyParameter.Scopes; policy.IsResourceOwnerConsentNeeded = updatePolicyParameter.IsResourceOwnerConsentNeeded; policy.Claims = new List <Claim>(); policy.Script = updatePolicyParameter.Script; if (updatePolicyParameter.Claims != null) { policy.Claims = updatePolicyParameter.Claims.Select(c => new Claim { Type = c.Type, Value = c.Value }).ToList(); } var result = await _repositoryExceptionHelper.HandleException( string.Format(ErrorDescriptions.TheAuthorizationPolicyCannotBeUpdated, updatePolicyParameter.PolicyId), () => _policyRepository.Update(policy)); _umaServerEventSource.FinishUpdateAuhthorizationPolicy(JsonConvert.SerializeObject(updatePolicyParameter)); return(result); }
public async Task <bool> Execute(UpdatePolicyParameter updatePolicyParameter) { if (updatePolicyParameter == null) { throw new ArgumentNullException(nameof(updatePolicyParameter)); } if (updatePolicyParameter.Rules == null || !updatePolicyParameter.Rules.Any()) { throw new BaseUmaException(ErrorCodes.InvalidRequestCode, string.Format(ErrorDescriptions.TheParameterNeedsToBeSpecified, Constants.AddPolicyParameterNames.Rules)); } var policy = await _repositoryExceptionHelper.HandleException( string.Format(ErrorDescriptions.TheAuthorizationPolicyCannotBeRetrieved, updatePolicyParameter.PolicyId), () => _policyRepository.Get(updatePolicyParameter.PolicyId)); if (policy == null) { return(false); } policy.Rules = new List <PolicyRule>(); foreach (var ruleParameter in updatePolicyParameter.Rules) { var claims = new List <Claim>(); if (ruleParameter.Claims != null) { claims = ruleParameter.Claims.Select(c => new Claim { Type = c.Type, Value = c.Value }).ToList(); } policy.Rules.Add(new PolicyRule { Id = ruleParameter.Id, ClientIdsAllowed = ruleParameter.ClientIdsAllowed, IsResourceOwnerConsentNeeded = ruleParameter.IsResourceOwnerConsentNeeded, Scopes = ruleParameter.Scopes, Script = ruleParameter.Script, Claims = claims, OpenIdProvider = ruleParameter.OpenIdProvider }); } return(await _repositoryExceptionHelper.HandleException( string.Format(ErrorDescriptions.TheAuthorizationPolicyCannotBeUpdated, updatePolicyParameter.PolicyId), () => _policyRepository.Update(policy))); }
public async Task When_Scope_Is_Not_Valid_Then_Exception_Is_Thrown() { // ARRANGE var updatePolicyParameter = new UpdatePolicyParameter { PolicyId = "policy_id", Rules = new List <UpdatePolicyRuleParameter> { new UpdatePolicyRuleParameter { Scopes = new List <string> { "invalid_scope" } } } }; InitializeFakeObjects(); _repositoryExceptionHelperStub.Setup(r => r.HandleException( string.Format(ErrorDescriptions.TheAuthorizationPolicyCannotBeRetrieved, updatePolicyParameter.PolicyId), It.IsAny <Func <Task <Policy> > >())).Returns(() => Task.FromResult(new Policy { ResourceSetIds = new List <string> { "resource_id" } })); _resourceSetRepositoryStub.Setup(r => r.Get(It.IsAny <string>())).Returns(Task.FromResult(new ResourceSet { Scopes = new List <string> { "scope" } })); // ACT var result = await Assert.ThrowsAsync <BaseUmaException>(() => _updatePolicyAction.Execute(updatePolicyParameter)); // ASSERT Assert.NotNull(result); Assert.Equal("invalid_scope", result.Code); Assert.Equal("one or more scopes don't belong to a resource set", result.Message); }
public async Task When_Authorization_Policy_Doesnt_Exist_Then_False_Is_Returned() { // ARRANGE var updatePolicyParameter = new UpdatePolicyParameter { PolicyId = "not_valid_policy_id" }; InitializeFakeObjects(); _repositoryExceptionHelperStub.Setup(r => r.HandleException( string.Format(ErrorDescriptions.TheAuthorizationPolicyCannotBeRetrieved, updatePolicyParameter.PolicyId), It.IsAny <Func <Task <Policy> > >())).Returns(() => Task.FromResult((Policy)null)); // ACT var result = await _updatePolicyAction.Execute(updatePolicyParameter); // ASSERT Assert.False(result); }
public async Task When_Id_Is_Not_Passed_Then_Exception_Is_Thrown() { // ARRANGE var updatePolicyParameter = new UpdatePolicyParameter { }; InitializeFakeObjects(); _repositoryExceptionHelperStub.Setup(r => r.HandleException( string.Format(ErrorDescriptions.TheAuthorizationPolicyCannotBeRetrieved, updatePolicyParameter.PolicyId), It.IsAny <Func <Task <Policy> > >())).Returns(() => Task.FromResult((Policy)null)); // ACT & ASSERTS var exception = await Assert.ThrowsAsync <BaseUmaException>(() => _updatePolicyAction.Execute(updatePolicyParameter)); Assert.NotNull(exception); Assert.True(exception.Code == ErrorCodes.InvalidRequestCode); Assert.True(exception.Message == string.Format(ErrorDescriptions.TheParameterNeedsToBeSpecified, "id")); }
public Task <bool> UpdatePolicy(UpdatePolicyParameter updatePolicyParameter) { return(_updatePolicyAction.Execute(updatePolicyParameter)); }
public async Task <bool> Execute(UpdatePolicyParameter updatePolicyParameter) { // Check the parameters if (updatePolicyParameter == null) { throw new ArgumentNullException(nameof(updatePolicyParameter)); } if (string.IsNullOrWhiteSpace(updatePolicyParameter.PolicyId)) { throw new BaseUmaException(ErrorCodes.InvalidRequestCode, string.Format(ErrorDescriptions.TheParameterNeedsToBeSpecified, "id")); } if (updatePolicyParameter.Rules == null || !updatePolicyParameter.Rules.Any()) { throw new BaseUmaException(ErrorCodes.InvalidRequestCode, string.Format(ErrorDescriptions.TheParameterNeedsToBeSpecified, Constants.AddPolicyParameterNames.Rules)); } _umaServerEventSource.StartUpdateAuthorizationPolicy(JsonConvert.SerializeObject(updatePolicyParameter)); // Check the authorization policy exists. var policy = await _repositoryExceptionHelper.HandleException( string.Format(ErrorDescriptions.TheAuthorizationPolicyCannotBeRetrieved, updatePolicyParameter.PolicyId), () => _policyRepository.Get(updatePolicyParameter.PolicyId)); if (policy == null) { return(false); } policy.Rules = new List <PolicyRule>(); // Check all the scopes are valid. foreach (var resourceSetId in policy.ResourceSetIds) { var resourceSet = await _resourceSetRepository.Get(resourceSetId); if (updatePolicyParameter.Rules.Any(r => r.Scopes != null && !r.Scopes.All(s => resourceSet.Scopes.Contains(s)))) { throw new BaseUmaException(ErrorCodes.InvalidScope, ErrorDescriptions.OneOrMoreScopesDontBelongToAResourceSet); } } // Update the authorization policy. foreach (var ruleParameter in updatePolicyParameter.Rules) { var claims = new List <Claim>(); if (ruleParameter.Claims != null) { claims = ruleParameter.Claims.Select(c => new Claim { Type = c.Type, Value = c.Value }).ToList(); } policy.Rules.Add(new PolicyRule { Id = ruleParameter.Id, ClientIdsAllowed = ruleParameter.ClientIdsAllowed, IsResourceOwnerConsentNeeded = ruleParameter.IsResourceOwnerConsentNeeded, Scopes = ruleParameter.Scopes, Script = ruleParameter.Script, Claims = claims, OpenIdProvider = ruleParameter.OpenIdProvider }); } var result = await _repositoryExceptionHelper.HandleException( string.Format(ErrorDescriptions.TheAuthorizationPolicyCannotBeUpdated, updatePolicyParameter.PolicyId), () => _policyRepository.Update(policy)); _umaServerEventSource.FinishUpdateAuhthorizationPolicy(JsonConvert.SerializeObject(updatePolicyParameter)); return(result); }