public async Task EditSpecificationStatus_GivenSuccessReturnedFromApi_ReturnsOK()
{
//Arrange
string specificationId = "5";
PublishStatusEditModel model = new PublishStatusEditModel();
PublishStatusResult publishStatusResult = new PublishStatusResult();
ValidatedApiResponse <PublishStatusResult> response = new ValidatedApiResponse <PublishStatusResult>(HttpStatusCode.OK, publishStatusResult);
ISpecsApiClient specsClient = Substitute.For <ISpecsApiClient>();
specsClient
.UpdatePublishStatus(Arg.Is(specificationId), Arg.Is(model))
.Returns(response);
IAuthorizationHelper authorizationHelper = TestAuthHelper.CreateAuthorizationHelperSubstitute(specificationId, SpecificationActionTypes.CanApproveSpecification);
SpecificationController controller = CreateSpecificationController(specsClient, authorizationHelper);
// Act
IActionResult result = await controller.EditSpecificationStatus(specificationId, model);
// Assert
result
.Should()
.BeOfType <OkObjectResult>()
.Which
.Value
.Should()
.Be(publishStatusResult);
}
public async Task EditSpecificationStatus_WhenUserDoesNotHaveApproveSpecificationPermission_ThenReturn403()
{
//Arrange
string specificationId = "5";
PublishStatusEditModel model = new PublishStatusEditModel();
PublishStatusResult publishStatusResult = new PublishStatusResult();
ValidatedApiResponse <PublishStatusResult> response = new ValidatedApiResponse <PublishStatusResult>(HttpStatusCode.OK, publishStatusResult);
ISpecsApiClient specsClient = Substitute.For <ISpecsApiClient>();
specsClient
.UpdatePublishStatus(Arg.Is(specificationId), Arg.Is(model))
.Returns(response);
IAuthorizationHelper authorizationHelper = Substitute.For <IAuthorizationHelper>();
authorizationHelper.DoesUserHavePermission(Arg.Any <ClaimsPrincipal>(), Arg.Is(specificationId), Arg.Is(SpecificationActionTypes.CanApproveSpecification))
.Returns(false);
SpecificationController controller = CreateSpecificationController(specsClient, authorizationHelper);
// Act
IActionResult result = await controller.EditSpecificationStatus(specificationId, model);
// Assert
result.Should().BeOfType <ForbidResult>();
}
public void EditSpecificationStatus_GivenFailedStatusCode_ThrowsInvalidOperationException()
{
//Arrange
string specificationId = "5";
PublishStatusEditModel model = new PublishStatusEditModel();
ValidatedApiResponse <PublishStatusResult> response = new ValidatedApiResponse <PublishStatusResult>(HttpStatusCode.BadRequest);
ISpecsApiClient specsClient = Substitute.For <ISpecsApiClient>();
specsClient
.UpdatePublishStatus(Arg.Is(specificationId), Arg.Is(model))
.Returns(response);
IAuthorizationHelper authorizationHelper = TestAuthHelper.CreateAuthorizationHelperSubstitute(specificationId, SpecificationActionTypes.CanApproveSpecification);
SpecificationController controller = CreateSpecificationController(specsClient, authorizationHelper);
// Act
Func <Task> test = async() => await controller.EditSpecificationStatus(specificationId, model);
// Assert
test
.Should()
.Throw <InvalidOperationException>();
}
public async Task <IActionResult> EditSpecificationStatus(string specificationId, [FromBody] PublishStatusEditModel publishStatusEditModel)
{
Guard.IsNullOrWhiteSpace(specificationId, nameof(specificationId));
Guard.ArgumentNotNull(publishStatusEditModel, nameof(publishStatusEditModel));
if (!await _authorizationHelper.DoesUserHavePermission(User, specificationId, SpecificationActionTypes.CanApproveSpecification))
{
return(new ForbidResult());
}
ValidatedApiResponse <PublishStatusResult> response = await _specsClient.UpdatePublishStatus(specificationId, publishStatusEditModel);
if (response.StatusCode == HttpStatusCode.OK)
{
return(Ok(response.Content));
}
throw new InvalidOperationException($"An error occurred while retrieving code context. Status code={response.StatusCode}");
}