public void ValidatorBuilder_integration_test_with_example_configuration()
{
var defaultAuthorizeAttribute = new AuthorizeAttribute(PolicyNames.RequireAuthorizedAdmin);
var validatorBuilder = new ValidatorBuilder(_assemblyName, defaultAuthorizeAttribute);
var excludeControllersInPathFakeControllers = typeof(FakeControllers).FullName;
var validator = validatorBuilder
.ExcludeControllersInPath(pathContains: $"{excludeControllersInPathFakeControllers}")
.AddControllerRule <AccountController>(new AllowAnonymousAttribute())
.AddActionRule <AccountController>(
nameof(AccountController.Get),
new AuthorizeAttribute("MyPolicyToGetAll"))
.AddActionRule <AccountController>(
nameof(AccountController.Get),
new MyParameterInfo
{
Name = "id",
Type = typeof(int)
},
new AuthorizeAttribute("MyPolicyToGetSingle"))
.AddActionRule <AccountController>(
nameof(AccountController.Delete),
new AuthorizeAttribute("MyPolicyToDelete"))
.AddActionRule <AccountController>(
nameof(AccountController.GetWithSimpleRule),
new AuthorizeAttribute("MyPolicyToGetWithSimpleRule"))
.AddActionRule <AccountController>(
nameof(AccountController.Post),
new List <MyParameterInfo>
{
new MyParameterInfo {
Name = "command", Type = typeof(AccountController.CreateSomethingCommand)
}
},
new AuthorizeAttribute("MyPolicyToPost"))
.AddControllerRule <UserController>(new AuthorizeAttribute(PolicyNames.RequireAuthorizedUser))
.AddControllerRule <PublicController>(new AllowAnonymousAttribute())
.AddActionRule <PublicController>(
nameof(PublicController.Get),
new MyParameterInfo
{
Name = "id",
Type = typeof(int)
},
new AuthorizeAttribute("MyPolicy"))
.AddActionRule <PublicController>(
nameof(PublicController.Get),
new AuthorizeAttribute("MyPolicy"))
.AddActionRule <PublicController>(
nameof(PublicController.Delete),
new AuthorizeAttribute("DeletePolicy"))
//to ensure multiple controllers using the same name works
.AddControllerRule <Fakes.Controllers.Duplicate.PublicController>(new AuthorizeAttribute())
.Build();
//get all results to do what you want with
var validatedResults = validator.ValidatedResults();
//Debugger.Break();
//execute tests and fail on error
//TODO? rename to ValidateAndThrowOnError ?
validator.ValidateAndThrowOnError();
//print all results in test output no matter if validation is successful or not.
validator.PrintValidatedResults(_outputHelper);
}
public void Controllers_and_actions_have_correct_Authorization()
{
/*
* create the validator builder
* - with the assembly under test; in this case 'WebApi'
* - with the default required attribute
* (the attribute that will be required on all controller actions without explicit rules configured)
*/
var assemblyName = nameof(WebApi);
var defaultAttributeRequired = new AuthorizeAttribute(PolicyNames.RequireAuthorizedAdmin);
var validatorBuilder = new ValidatorBuilder(assemblyName, defaultAttributeRequired);
/*
* It is possible to exclude controllers from validation with path
* This can be used to exclude a folder/namespace path or single controller (FullName)
* read the summary of the method
*/
var excludeControllersInPath = typeof(ExcludedFromValidationController).FullName;
/*
* The builder returns a validator that is used to trigger validation of configured rules
* From the validator you can
* - get all validation results as objects
* - print all results in unit test output
* - throw on failure (prints all invalid results in test output)
*/
var validator = validatorBuilder
//exclude a controller from validation
.ExcludeControllersInPath(excludeControllersInPath)
//add a controller rule
.AddControllerRule <AccountController>(new AllowAnonymousAttribute())
// add an action rule;
// note that action rules takes presence over controller rules, always.
// If you have more than one action with the same name
// this rule will only be applied to the first one found in the controller
.AddActionRule <AccountController>(
nameof(AccountController.Get),
new AuthorizeAttribute("MyPolicyToGetAll"))
//add an action rule matching on parameters
// my recommendation is that you don't do this, instead name the actions differently =)
.AddActionRule <AccountController>(
nameof(AccountController.Get),
new MyParameterInfo
{
Name = "id",
Type = typeof(int)
},
new AuthorizeAttribute("MyPolicyToGetSingle"))
.AddActionRule <AccountController>(
nameof(AccountController.Delete),
new AuthorizeAttribute("MyPolicyToDelete"))
//note: this action name, GetWithSimpleRule, can match two actions in the controller
// actions will always (?) be ordered as they appear in the controller (top down)
.AddActionRule <AccountController>(
nameof(AccountController.GetWithSimpleRule),
new AuthorizeAttribute("MyPolicyToGetWithSimpleRule"))
.AddActionRule <AccountController>(
nameof(AccountController.Post),
new List <MyParameterInfo>
{
new MyParameterInfo {
Name = "command", Type = typeof(AccountController.CreateSomethingCommand)
}
},
new AuthorizeAttribute("MyPolicyToPost"))
.AddControllerRule <UserController>(new AuthorizeAttribute(PolicyNames.RequireAuthorizedUser))
.AddControllerRule <PublicController>(new AllowAnonymousAttribute())
.AddActionRule <PublicController>(
nameof(PublicController.Get),
new MyParameterInfo
{
Name = "id",
Type = typeof(int)
},
new AuthorizeAttribute("MyPolicy"))
.AddActionRule <PublicController>(
nameof(PublicController.Get),
new AuthorizeAttribute("MyPolicy"))
.AddActionRule <PublicController>(
nameof(PublicController.Delete),
new AuthorizeAttribute("DeletePolicy"))
//configuration is completed
.Build();
//run the tests and throw on failed validation, prints all failed results
validator.ValidateAndThrowOnError();
//print all results in test output no matter if validation is successful or not.
validator.PrintValidatedResults(_outputHelper);
//get the results and do what you like with them
var results = validator.ValidatedResults();
}
