public async Task SecurityDisabled()
{
// Arrange
var requirements = new[] { new AuthenticatedWhenEnabledRequirement() };
var context = new AuthorizationHandlerContext(requirements, null, null);
var handler = new MiningMonitorAuthorizationHandler(_settingsService.Object);
// Act
await handler.HandleAsync(context);
// Assert
Assert.That(context, Has.Property(nameof(context.HasSucceeded)).True);
}
public async Task AuthenticatedWhenEnabledRequirementFailsWhenNotAuthenticated()
{
// Arrange
var requirements = new[] { new AuthenticatedWhenEnabledRequirement() };
var principal = new GenericPrincipal(new GenericIdentity(""), null);
var context = new AuthorizationHandlerContext(requirements, principal, null);
_settingsService.Setup(m => m.GetSettingAsync("EnableSecurity", CancellationToken.None))
.ReturnsAsync(() => (true, "true"));
var handler = new MiningMonitorAuthorizationHandler(_settingsService.Object);
// Act
await handler.HandleAsync(context);
// Assert
Assert.That(context, Has.Property(nameof(context.HasSucceeded)).False);
}
public async Task HasRoleWhenEnabledRequirement()
{
// Arrange
const string role = "test-role";
var requirements = new[] { new HasRoleWhenEnabledRequirement(role) };
var principal = new GenericPrincipal(new GenericIdentity("test", "test"), new[] { role });
var context = new AuthorizationHandlerContext(requirements, principal, null);
_settingsService.Setup(m => m.GetSettingAsync("EnableSecurity", CancellationToken.None))
.ReturnsAsync(() => (true, "true"));
var handler = new MiningMonitorAuthorizationHandler(_settingsService.Object);
// Act
await handler.HandleAsync(context);
// Assert
Assert.That(context, Has.Property(nameof(context.HasSucceeded)).True);
}
public async Task OwnResourceWhenEnabledRequirementFailsWhenResourceIsNotOwned()
{
// Arrange
var requirements = new[] { new OwnResourceWhenEnabledRequirement("id") };
var principal = new GenericPrincipal(new GenericIdentity("test-id"), null);
var routeData = new RouteData();
var httpContext = new Mock <HttpContext>();
var actionContext = new ActionContext(httpContext.Object, routeData, new ActionDescriptor());
var filterContext = new AuthorizationFilterContext(actionContext, new List <IFilterMetadata>());
var context = new AuthorizationHandlerContext(requirements, principal, filterContext);
routeData.Values.Add("id", "other-id");
_settingsService.Setup(m => m.GetSettingAsync("EnableSecurity", CancellationToken.None))
.ReturnsAsync(() => (true, "true"));
var handler = new MiningMonitorAuthorizationHandler(_settingsService.Object);
// Act
await handler.HandleAsync(context);
// Assert
Assert.That(context, Has.Property(nameof(context.HasSucceeded)).False);
}
