public async Task my_response_permissions_when_authorized_user_request()
{
var permission = Builders.Permission()
.WithAllPrivilegesForDefaultIdentity()
.Build();
await _fixture.Given
.AddPermission(permission);
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V1.Users.My())
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.GetAsync();
response.StatusCode
.Should()
.Be(StatusCodes.Status200OK);
var content = await response.Content
.ReadAs <MyResponse>();
content.ReadPermission
.Should().BeTrue();
content.WritePermission
.Should().BeTrue();
content.ManagementPermission
.Should().BeTrue();
}
public async Task importproduct_response_bad_request_if_product_to_import_already_exists()
{
var permission = Builders.Permission()
.WithContributorPermission()
.Build();
await _fixture.Given
.AddPermission(permission);
var product = Builders.Product()
.WithName("default")
.Build();
await _fixture.Given
.AddProduct(product);
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V5.Product.Import())
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.PostAsJsonAsync(new ImportProductRequest()
{
Content = "{\"Name\":\"default\",\"Description\":\"this is default product\",\"Features\":[{\"Name\":\"MatchScore\",\"Description\":\"show the match score on products\",\"Archived\":false,\"FeatureTags\":[],\"FeatureStates\":[],\"Toggles\":[{\"Type\":\"Esquio.Toggles.FromToToggle,Esquio\",\"Parameters\":[{\"Name\":\"From\",\"Value\":\"2020-07-13 09:36:23\",\"DeploymentName\":\"Tests\"},{\"Name\":\"To\",\"Value\":\"2020-07-29 09:36:25\",\"DeploymentName\":\"Tests\"}]}]}],\"Deployments\":[{\"Name\":\"Tests\",\"ByDefault\":true},{\"Name\":\"production\",\"ByDefault\":false}]}"
});
response.StatusCode
.Should()
.Be(StatusCodes.Status400BadRequest);
}
public async Task add_response_badrequest_if_default_deployment_name_length_is_lower_than_5()
{
var permission = Builders.Permission()
.WithManagementPermission()
.Build();
await _fixture.Given
.AddPermission(permission);
var productRequest = new AddProductRequest()
{
Name = "fooproduct",
Description = "some description",
DefaultDeploymentName = new string('d', 4)
};
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V5.Product.Add())
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.PostAsJsonAsync(productRequest);
response.StatusCode
.Should()
.Be(StatusCodes.Status400BadRequest);
}
public async Task deletedeployment_response_noconent_when_success()
{
var permission = Builders.Permission()
.WithManagementPermission()
.Build();
await _fixture.Given
.AddPermission(permission);
var product = Builders.Product()
.WithName("fooproduct")
.Build();
var deployment = Builders.Deployment()
.WithName("production")
.Build();
product.Deployments
.Add(deployment);
await _fixture.Given
.AddProduct(product);
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V5.Product.DeleteDeployment(product.Name, deployment.Name))
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.DeleteAsync();
response.StatusCode
.Should()
.Be(StatusCodes.Status204NoContent);
}
public async Task adddeployment_response_created_when_success()
{
var permission = Builders.Permission()
.WithManagementPermission()
.Build();
await _fixture.Given
.AddPermission(permission);
var product = Builders.Product()
.WithName("fooproduct")
.Build();
await _fixture.Given
.AddProduct(product);
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V5.Product.AddDeployment(product.Name))
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.PostAsJsonAsync(new AddDeploymentRequest()
{
Name = "Production"
});
response.StatusCode
.Should()
.Be(StatusCodes.Status201Created);
}
public async Task update_response_forbidden_if_user_is_not_authorized()
{
var permission = Builders.Permission()
.WithReaderPermission()
.Build();
await _fixture.Given
.AddPermission(permission);
var product = Builders.Product()
.WithName("fooproduct")
.Build();
await _fixture.Given
.AddProduct(product);
var request = new UpdateProductRequest()
{
Name = "barpdroduct",
Description = "description for product#2"
};
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V5.Product.Update(product.Name))
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.PutAsJsonAsync(request);
response.StatusCode
.Should()
.Be(StatusCodes.Status403Forbidden);
}
public async Task exportproduct_response_ok_when_success()
{
var permission = Builders.Permission()
.WithReaderPermission()
.Build();
await _fixture.Given
.AddPermission(permission);
var product = Builders.Product()
.WithName("fooproduct")
.Build();
await _fixture.Given
.AddProduct(product);
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V5.Product.Export("fooproduct"))
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.GetAsync();
response.StatusCode
.Should()
.Be(StatusCodes.Status200OK);
var content = await response.Content.ReadAsStringAsync();
}
public async Task delete_response_ok_when_product_and_feature_exist_and_feature_toggles_is_not_empty()
{
var product = Builders.Product()
.WithName("product#1")
.Build();
var feature = Builders.Feature()
.WithName("feature#1")
.Build();
var toggle1 = Builders.Toggle()
.WithType("toggle#1")
.Build();
feature.Toggles.Add(toggle1);
product.Features.Add(feature);
await _fixture.Given.AddProduct(product);
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V1.Flags.Delete(feature.Id))
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.DeleteAsync();
response.StatusCode
.Should()
.Be(StatusCodes.Status204NoContent);
}
public async Task delete_response_no_content_when_delete_product_without_features()
{
var permission = Builders.Permission()
.WithAllPrivilegesForDefaultIdentity()
.Build();
await _fixture.Given
.AddPermission(permission);
var product = Builders.Product()
.WithName("product#1")
.Build();
await _fixture.Given
.AddProduct(product);
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V1.Product.Delete(product.Id))
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.DeleteAsync();
response.StatusCode
.Should()
.Be(StatusCodes.Status204NoContent);
}
public async Task add_response_ok_when_create_the_feature()
{
var product = Builders.Product()
.WithName("product#1")
.Build();
await _fixture.Given
.AddProduct(product);
var addFlagRequest = new AddFlagRequest()
{
Name = "feature#1",
Description = "description",
Enabled = true,
ProductId = product.Id
};
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V1.Flags.Add())
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.PostAsJsonAsync(addFlagRequest);
response.StatusCode
.Should()
.Be(StatusCodes.Status201Created);
}
public async Task rollout_is_idempotent()
{
var product = Builders.Product()
.WithName("product#2")
.Build();
var feature = Builders.Feature()
.WithName("feature")
.Build();
product.Features.Add(feature);
await _fixture.Given.AddProduct(product);
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V1.Flags.Rollout(featureId: feature.Id))
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.PutAsync();
response.StatusCode
.Should()
.Be(StatusCodes.Status200OK);
response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V1.Flags.Rollout(featureId: feature.Id))
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.PutAsync();
response.StatusCode
.Should()
.Be(StatusCodes.Status200OK);
}
public async Task add_response_badrequest_if_feature_with_the_same_name_already_exist_on_same_product()
{
var product = Builders.Product()
.WithName("product#1")
.Build();
var feature1 = Builders.Feature()
.WithName("feature#1")
.Build();
product.Features
.Add(feature1);
await _fixture.Given
.AddProduct(product);
var addFlagRequest = new AddFlagRequest()
{
Name = "feature#1",
Description = "description",
Enabled = true,
ProductId = product.Id
};
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V1.Flags.Add())
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.PostAsJsonAsync(addFlagRequest);
response.StatusCode
.Should()
.Be(StatusCodes.Status400BadRequest);
}
public async Task update_response_ok_when_create_the_feature()
{
var product = Builders.Product()
.WithName("product#1")
.Build();
var feature = Builders.Feature()
.WithName("feature1")
.WithEnabled(false)
.Build();
product.Features.Add(feature);
await _fixture.Given
.AddProduct(product);
var updateFlagRequest = new UpdateFlagRequest()
{
Name = "feature#1",
Description = "description",
Enabled = true,
FlagId = feature.Id
};
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V1.Flags.Update())
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.PutAsJsonAsync(updateFlagRequest);
response.StatusCode
.Should()
.Be(StatusCodes.Status200OK);
}
public async Task update_response_badrequest_if_write_is_false_but_management_is_true()
{
var requesterPermission = Builders.Permission()
.WithAllPrivilegesForDefaultIdentity()
.Build();
var existingPermissionSubjectId = Guid.NewGuid().ToString();
var existingPermission = Builders.Permission()
.WithNameIdentifier(existingPermissionSubjectId)
.WithReadPermission(true)
.WithWritePermission(false)
.WithManagementPermission(false)
.Build();
await _fixture.Given
.AddPermission(requesterPermission, existingPermission);
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V1.Users.Add())
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.PutAsJsonAsync(new AddPermissionRequest()
{
SubjectId = existingPermissionSubjectId,
Read = false,
Manage = true,
Write = false
});
response.StatusCode
.Should()
.Be(StatusCodes.Status400BadRequest);
}
public async Task add_response_ok_and_use_default_validTo_if_is_not_specified()
{
var permission = Builders.Permission()
.WithManagementPermission()
.Build();
await _fixture.Given
.AddPermission(permission);
var addApiKeyRequest = new AddApiKeyRequest()
{
Name = "fooname",
ActAs = nameof(ApplicationRole.Reader)
};
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V3.ApiKeys.Add())
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.PostAsJsonAsync(addApiKeyRequest);
response.StatusCode
.Should()
.Be(StatusCodes.Status201Created);
var content = await response.Content
.ReadAs <AddApiKeyResponse>();
content.Name
.Should()
.Be(addApiKeyRequest.Name);
content.Key
.Should()
.NotBe(default);
public async Task update_response_bad_request_if_product_description_is_greater_than_2000()
{
var permission = Builders.Permission()
.WithAllPrivilegesForDefaultIdentity()
.Build();
await _fixture.Given
.AddPermission(permission);
var request = new UpdateProductRequest()
{
ProductId = 1,
Name = "product#2",
Description = new string('d', 2001)
};
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V1.Product.Update())
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.PutAsJsonAsync(request);
response.StatusCode
.Should()
.Be(StatusCodes.Status400BadRequest);
}
public async Task get_response_ok_if_product_exist()
{
var permission = Builders.Permission()
.WithManagementPermission()
.Build();
await _fixture.Given
.AddPermission(permission);
var product = Builders.Product()
.WithName("fooproduct")
.Build();
await _fixture.Given
.AddProduct(product);
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V5.Product.Get(product.Name))
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.GetAsync();
response.StatusCode
.Should()
.Be(StatusCodes.Status200OK);
var content = await response.Content
.ReadAs <DetailsProductResponse>();
content.Name
.Should().BeEquivalentTo(product.Name);
}
public async Task update_response_forbidden_if_user_is_not_authorized()
{
var permission = Builders.Permission()
.WithAllPrivilegesForDefaultIdentity()
.WithWritePermission(false)
.Build();
await _fixture.Given
.AddPermission(permission);
var product = Builders.Product()
.WithName("product#1")
.Build();
await _fixture.Given
.AddProduct(product);
var request = new UpdateProductRequest()
{
ProductId = product.Id,
Name = "product#2",
Description = "description for product#2"
};
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V1.Product.Update())
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.PutAsJsonAsync(request);
response.StatusCode
.Should()
.Be(StatusCodes.Status403Forbidden);
}
public async Task update_response_no_content_if_product_is_updated()
{
var permission = Builders.Permission()
.WithManagementPermission()
.Build();
await _fixture.Given
.AddPermission(permission);
var product = Builders.Product()
.WithName("fooproduct")
.Build();
await _fixture.Given
.AddProduct(product);
var request = new UpdateProductRequest()
{
Name = "barproduct",
Description = "description for product#2"
};
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V5.Product.Update(product.Name))
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.PutAsJsonAsync(request);
response.StatusCode
.Should()
.Be(StatusCodes.Status204NoContent);
}
public async Task allow_to_tag_features()
{
var tag = "tag";
var product = Builders.Product()
.WithName("product#1")
.Build();
var feature = Builders.Feature()
.WithName("feature#1")
.Build();
var toggle1 = Builders.Toggle()
.WithType("toggle#1")
.Build();
feature.Toggles.Add(toggle1);
product.Features.Add(feature);
await _fixture.Given.AddProduct(product);
var request = new AddTagRequest(tag);
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V1.Tags.Tag(feature.Id))
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.PostAsJsonAsync(request);
response.StatusCode
.Should()
.Be(StatusCodes.Status200OK);
}
public async Task deletedeployment_response_badrequest_if_ring_is_default()
{
var permission = Builders.Permission()
.WithManagementPermission()
.Build();
await _fixture.Given
.AddPermission(permission);
var product = Builders.Product()
.WithName("fooproduct")
.Build();
await _fixture.Given
.AddProduct(product);
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V5.Product.DeleteDeployment(product.Name, EsquioConstants.DEFAULT_DEPLOYMENT_NAME))
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.DeleteAsync();
response.StatusCode
.Should()
.Be(StatusCodes.Status400BadRequest);
}
public async Task not_allow_to_tag_features_when_it_has_been_previously_tagged_with_the_same_tag()
{
var product = Builders.Product()
.WithName("product#1")
.Build();
var feature = Builders.Feature()
.WithName("feature#1")
.Build();
var toggle1 = Builders.Toggle()
.WithType("toggle#1")
.Build();
var tag = Builders.Tag()
.Build();
var featureTag = Builders.FeatureTag()
.WithFeature(feature)
.WithTag(tag)
.Build();
feature.Toggles.Add(toggle1);
feature.FeatureTags.Add(featureTag);
product.Features.Add(feature);
await _fixture.Given.AddProduct(product);
var request = new AddTagRequest(tag.Name);
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V1.Tags.Tag(feature.Id))
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.PostAsJsonAsync(request);
response.StatusCode
.Should()
.Be(StatusCodes.Status400BadRequest);
}
public async Task adddeployment_response_badrequest_if_ring_name_grether_than_200_characters()
{
var permission = Builders.Permission()
.WithManagementPermission()
.Build();
await _fixture.Given
.AddPermission(permission);
var product = Builders.Product()
.WithName("fooproduct")
.Build();
await _fixture.Given
.AddProduct(product);
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V5.Product.AddDeployment(product.Name))
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.PostAsJsonAsync(new AddDeploymentRequest()
{
Name = new string('c', 201)
});
response.StatusCode
.Should()
.Be(StatusCodes.Status400BadRequest);
}
public async Task allow_to_untag_features()
{
var product = Builders.Product()
.WithName("product#1")
.Build();
var feature = Builders.Feature()
.WithName("feature#1")
.Build();
var toggle1 = Builders.Toggle()
.WithType("toggle#1")
.Build();
var tag = Builders.Tag()
.Build();
var featureTag = Builders.FeatureTag()
.WithFeature(feature)
.WithTag(tag)
.Build();
feature.Toggles.Add(toggle1);
feature.FeatureTags.Add(featureTag);
product.Features.Add(feature);
await _fixture.Given.AddProduct(product);
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V1.Tags.Untag(tag.Name, feature.Id))
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.DeleteAsync();
response.StatusCode
.Should()
.Be(StatusCodes.Status204NoContent);
}
public async Task list_response_ok_when_no_data()
{
var permission = Builders.Permission()
.WithManagementPermission()
.Build();
await _fixture.Given
.AddPermission(permission);
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V5.Product.List())
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.GetAsync();
response.StatusCode
.Should()
.Be(StatusCodes.Status200OK);
var content = await response.Content
.ReadAs <PaginatedResult <ListProductResponseDetail> >();
content.Total
.Should().Be(0);
content.Count
.Should().Be(0);
content.PageIndex
.Should().Be(0);
content.Items
.Count
.Should().Be(0);
}
public async Task not_allow_untag_a_feature_when_it_has_not_been_previously_tagged_with_the_tag()
{
var product = Builders.Product()
.WithName("product#1")
.Build();
var feature = Builders.Feature()
.WithName("feature#1")
.Build();
var toggle1 = Builders.Toggle()
.WithType("toggle#1")
.Build();
feature.Toggles.Add(toggle1);
product.Features.Add(feature);
await _fixture.Given.AddProduct(product);
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V1.Tags.Untag("tag", feature.Id))
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.DeleteAsync();
response.StatusCode
.Should()
.Be(StatusCodes.Status400BadRequest);
}
public async Task add_response_badrequest_if_product_name_already_exist()
{
var permission = Builders.Permission()
.WithManagementPermission()
.Build();
await _fixture.Given
.AddPermission(permission);
var product = Builders.Product()
.WithName("fooproduct")
.Build();
await _fixture.Given
.AddProduct(product);
var productRequest = new AddProductRequest()
{
Name = product.Name,
Description = "some description"
};
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V5.Product.Add())
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.PostAsJsonAsync(productRequest);
response.StatusCode
.Should()
.Be(StatusCodes.Status400BadRequest);
}
public async Task get_response_forbidden_when_user_is_not_authorized()
{
var permission = Builders.Permission()
.WithReaderPermission()
.Build();
await _fixture.Given
.AddPermission(permission);
var apiKey = Builders.ApiKey()
.WithName("fooname")
.Withkey("barkey")
.Build();
await _fixture.Given
.AddApiKey(apiKey);
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V3.ApiKeys.Get(apiKey.Name))
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.GetAsync();
response.StatusCode
.Should()
.Be(StatusCodes.Status403Forbidden);
}
public async Task add_response_badrequest_when_ringname_is_not_valid()
{
var permission = Builders.Permission()
.WithManagementPermission()
.Build();
await _fixture.Given
.AddPermission(permission);
var productRequest = new AddProductRequest()
{
Name = "fooproduct~#4",
Description = "some description",
DefaultDeploymentName = "X"
};
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V5.Product.Add())
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.PostAsJsonAsync(productRequest);
response.StatusCode
.Should()
.Be(StatusCodes.Status400BadRequest);
}
public async Task details_response_ok_when_success()
{
var permission = Builders.Permission()
.WithAllPrivilegesForDefaultIdentity()
.Build();
await _fixture.Given
.AddPermission(permission);
var response = await _fixture.TestServer
.CreateRequest(ApiDefinitions.V1.Users.Details(permission.SubjectId))
.WithIdentity(Builders.Identity().WithDefaultClaims().Build())
.GetAsync();
response.StatusCode
.Should()
.Be(StatusCodes.Status200OK);
var content = await response.Content
.ReadAs <DetailsUsersResponse>();
content.SubjectId
.Should().BeEquivalentTo(permission.SubjectId);
content.ReadPermission
.Should().Be(permission.ReadPermission);
content.WritePermission
.Should().Be(permission.WritePermission);
content.ManagementPermission
.Should().Be(permission.ManagementPermission);
}
