public void ChangeUserDistinctionAsync_IfNotAdmin_ThrowsUnauthorizedAccessException()
        {
            //Arrange
            mockRepoWrapper
            .Setup(x => x.UserDistinction.GetFirstAsync(It.IsAny <Expression <Func <UserDistinction, bool> > >(),
                                                        It.IsAny <Func <IQueryable <UserDistinction>, IIncludableQueryable <UserDistinction, object> > >()))
            .ReturnsAsync(new UserDistinction());

            userManager.Setup(m => m.GetRolesAsync(It.IsAny <User>())).ReturnsAsync(GetRolesWithoutAdmin());

            //Assert
            Exception exception = Assert.ThrowsAsync(typeof(UnauthorizedAccessException),
                                                     async() => { await distinctionService.ChangeUserDistinctionAsync(It.IsAny <UserDistinctionDTO>(), It.IsAny <User>()); });

            Assert.AreEqual("Attempted to perform an unauthorized operation.", exception.Message);
        }
Example #2
0
        public void ChangeUserDistinctionAsync_IfNotAdmin_ThrowsUnauthorizedAccessException()
        {
            //Arrange
            mockRepoWrapper
            .Setup(x => x.UserDistinction.GetFirstAsync(It.IsAny <Expression <Func <UserDistinction, bool> > >(),
                                                        It.IsAny <Func <IQueryable <UserDistinction>, IIncludableQueryable <UserDistinction, object> > >()))
            .ReturnsAsync(new UserDistinction());

            //Act
            ClaimsIdentity  claimsIdentity = new ClaimsIdentity();
            ClaimsPrincipal notAdmin       = new ClaimsPrincipal();

            claimsIdentity.AddClaim(new Claim(ClaimTypes.Role, "Htos`"));
            notAdmin.AddIdentity(claimsIdentity);

            //Assert
            Exception exception = Assert.ThrowsAsync(typeof(UnauthorizedAccessException),
                                                     async() => { await distinctionService.ChangeUserDistinctionAsync(It.IsAny <UserDistinctionDTO>(), notAdmin); });

            Assert.AreEqual("Attempted to perform an unauthorized operation.", exception.Message);
        }