public EditAatfContactHandlerTests()
{
this.aatfDataAccess = A.Fake <IAatfDataAccess>();
this.genericDataAccess = A.Fake <IGenericDataAccess>();
this.organisationDetailsDataAccess = A.Fake <IOrganisationDetailsDataAccess>();
fixture = new Fixture();
this.handler = new EditAatfContactHandler(new AuthorizationBuilder().AllowEverything().Build(), this.aatfDataAccess, this.genericDataAccess, this.organisationDetailsDataAccess);
}
public async Task HandleAsync_NoAdminRoleAccess_ThrowsSecurityException()
{
var authorization = new AuthorizationBuilder().AllowInternalAreaAccess().DenyRole(Roles.InternalAdmin).Build();
var handler = new EditAatfContactHandler(authorization, this.aatfDataAccess, this.genericDataAccess, this.organisationDetailsDataAccess);
Func <Task> action = async() => await handler.HandleAsync(A.Dummy <EditAatfContact>());
await action.Should().ThrowAsync <SecurityException>();
}
public async Task HandleAsync_NoOrganisationOrInternalAccess_ThrowsSecurityException()
{
var authorization = new AuthorizationBuilder().DenyInternalOrOrganisationAccess().Build();
var handler = new EditAatfContactHandler(authorization, this.aatfDataAccess, this.genericDataAccess, this.organisationDetailsDataAccess);
var request = this.fixture.Create <EditAatfContact>();
A.CallTo(() => this.aatfDataAccess.GetDetails(request.AatfId)).Returns(A.Fake <Aatf>());
Func <Task> action = async() => await handler.HandleAsync(request);
await action.Should().ThrowAsync <SecurityException>();
}
