public void AuthorizationAttribute_Test()
        {
            // The session collection is handed to the fake context and mutated later in the test,
            // so the same instance backs both the anonymous and the signed-in phase.
            var session = new System.Web.SessionState.SessionStateItemCollection();
            var controller = TestHelper.Resolve<TopicsController>();
            var fakeControllerContext = new FakeControllerContext(
                controller,
                "http://localhost",
                null,
                null,
                new System.Collections.Specialized.NameValueCollection(),
                new System.Collections.Specialized.NameValueCollection(),
                new System.Web.HttpCookieCollection(),
                session);
            var authContext = new AuthorizationContext(fakeControllerContext, new FakeActionDescriptor());

            // Filter under test: requires at least the Member role.
            var attribute = new RequireAuthorizationAttribute(UserRole.Member);
            var routes = attribute.Routes;
            var loginRoute = new StrictRoute("login", new MvcRouteHandler())
            {
                Url = "login",
                Defaults = new System.Web.Routing.RouteValueDictionary(new
                {
                    controller = "Authentication",
                    action = "Login"
                })
            };
            routes.Add(loginRoute);

            // Phase 1: no "User" entry in session. The filter must set a redirect result.
            // NOTE(review): only the result type is asserted; the redirect target is not checked.
            authContext.Result = null;
            attribute.OnAuthorization(authContext);
            Assert.IsInstanceOfType(authContext.Result, typeof(RedirectResult));

            // Phase 2: a test user is placed in session. The filter must leave Result untouched.
            User testUser = ServicesTests.GetTestUser();
            session["User"] = new UserState(testUser, AuthenticationProvider.Facebook);
            authContext.Result = null;
            attribute.OnAuthorization(authContext);
            Assert.IsNull(authContext.Result);

            // NOTE(review): there is no case for a signed-in user whose role is below the
            // required one; that deny path of the role check is not exercised here.
        }
 /// <summary>
 /// Builds a session collection whose "User" entry holds a <c>UserState</c> for the
 /// shared test user, marked as authenticated through the Facebook provider.
 /// </summary>
 /// <returns>A new session collection containing only the "User" entry.</returns>
 public static SessionStateItemCollection GetSessionWithTestUser()
 {
     var session = new SessionStateItemCollection();
     var state = new UserState(ServicesTests.GetTestUser(), AuthenticationProvider.Facebook);
     // "User" is the same session key the authorization test populates.
     session["User"] = state;
     return session;
 }
 /// <summary>
 /// Decides whether the given session user satisfies this attribute's role requirement.
 /// </summary>
 /// <param name="user">The current user's state; <c>null</c> means no user is signed in.</param>
 /// <returns>
 /// <c>false</c> when <paramref name="user"/> is <c>null</c>, or when a role is required and
 /// the user's role compares below it; <c>true</c> otherwise (including when no role is required).
 /// </returns>
 protected virtual bool IsAuthorized(UserState user)
 {
     // Fail closed: an absent user is never authorized.
     if (user == null)
     {
         return false;
     }

     // With no required role configured, any signed-in user passes.
     bool roleRequired = this.UserRole != null;

     // The check denies only when Role compares strictly below the requirement.
     // NOTE(review): this relies on the role values being ordered by privilege, and on
     // user.Role always holding a comparable value - confirm both against the type definitions.
     return !roleRequired || !(user.Role < this.UserRole.Value);
 }