// A caller whose role claim is Receiver, not Producer, must get an UnauthorizedResult.
public async Task PutImage_given_invalid_User_Role_returns_Unauthorized()
        {
            int callerId = 1;
            var receiverRole = UserRoleEnum.Receiver.ToString();

            var upload = new Mock<IFormFile>();
            var request = new ProductImageFormDTO
            {
                UserId = "1",
                ProductId = "1",
                File = upload.Object
            };

            var repositoryMock = new Mock<IProductRepository>();
            var loggerMock = new Mock<ILogger<ProductsController>>();
            var sut = new ProductsController(repositoryMock.Object, loggerMock.Object);

            // The controller reads User from the HttpContext, so one has to exist.
            var httpContext = new DefaultHttpContext();
            sut.ControllerContext.HttpContext = httpContext;

            // The caller id matches the DTO; only the role is wrong.
            var principal = MockClaimsSecurity(callerId, receiverRole);
            httpContext.User = principal.Object;

            var response = await sut.PutImage(request);

            Assert.IsType<UnauthorizedResult>(response.Result);
        }
        // A Producer whose NameIdentifier claim (42) differs from the DTO's UserId ("1")
        // must get a ForbidResult.
        public async Task PutImage_given_different_User_id_as_claim_returns_Forbidden()
        {
            var upload = new Mock<IFormFile>();
            var request = new ProductImageFormDTO
            {
                UserId = "1",
                ProductId = "1",
                File = upload.Object
            };

            var repositoryMock = new Mock<IProductRepository>();
            var loggerMock = new Mock<ILogger<ProductsController>>();
            var sut = new ProductsController(repositoryMock.Object, loggerMock.Object);

            // The controller reads User from the HttpContext, so one has to exist.
            var httpContext = new DefaultHttpContext();
            sut.ControllerContext.HttpContext = httpContext;

            // Valid role, but the claimed identity is not the one named in the request.
            var principal = MockClaimsSecurity(42, UserRoleEnum.Producer.ToString());
            httpContext.User = principal.Object;

            var response = await sut.PutImage(request);

            Assert.IsType<ForbidResult>(response.Result);
        }
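        // When the repository rejects the upload with "Invalid image file", the controller
        // must answer with a BadRequestObjectResult.
        public async Task PutImage_given_invalid_image_returns_BadRequestObjectResult()
        {
            var userId = 1;
            // Deliberately different from the user id: PutImage as shown on this page passes
            // the parsed ProductId to UpdateImageAsync, and with equal ids a setup keyed on
            // the user id would match by coincidence.
            var productId = 2;
            var formFile = new Mock<IFormFile>();

            var productImageFormDTO = new ProductImageFormDTO
            {
                UserId = userId.ToString(),
                ProductId = productId.ToString(),
                File = formFile.Object
            };

            var repository = new Mock<IProductRepository>();

            repository
                .Setup(r => r.UpdateImageAsync(productId, It.IsAny<IFormFile>()))
                .ThrowsAsync(new ArgumentException("Invalid image file"));

            var logger = new Mock<ILogger<ProductsController>>();

            var controller = new ProductsController(repository.Object, logger.Object);

            // The controller reads User from the HttpContext, so one has to exist.
            controller.ControllerContext.HttpContext = new DefaultHttpContext();

            var cp = MockClaimsSecurity(userId, UserRoleEnum.Producer.ToString());

            // Make the HttpContext carry the mocked claims.
            controller.ControllerContext.HttpContext.User = cp.Object;

            var putImage = await controller.PutImage(productImageFormDTO);

            Assert.IsType<BadRequestObjectResult>(putImage.Result);
        }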
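        // Replaces the image of a product on behalf of the authenticated producer.
        //
        // Returns:
        //   401 - the role claim is missing or is not Producer, or the NameIdentifier claim is missing
        //   403 - the NameIdentifier claim differs from dto.UserId
        //   400 - dto is null, an id is not an integer, or the repository reports "Invalid image file"
        //   404 - the repository returned no path ("Product not found")
        //   500 - any other exception from the repository
        //   otherwise the new image path returned by the repository.
        public async Task<ActionResult<string>> PutImage([FromForm] ProductImageFormDTO dto)
        {
            // FirstOrDefault instead of First: a principal without the claim is rejected
            // here rather than throwing InvalidOperationException out of the action.
            var claimRole = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Role);

            if (claimRole is null || !claimRole.Value.Equals(UserRoleEnum.Producer.ToString()))
            {
                return Unauthorized();
            }

            var claimId = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.NameIdentifier);

            if (claimId is null)
            {
                return Unauthorized();
            }

            if (dto is null)
            {
                return BadRequest();
            }

            // Identity check: the caller may only act under their own user id.
            if (!claimId.Value.Equals(dto.UserId))
            {
                return Forbid();
            }

            // The user id is only validated for format; its value is not used below.
            if (!int.TryParse(dto.UserId, out _) || !int.TryParse(dto.ProductId, out int productIntId))
            {
                return BadRequest();
            }

            try
            {
                // NOTE(review): only the product id reaches the repository, so nothing in this
                // method ties the product to the caller. Confirm that ownership of the product
                // is enforced elsewhere; otherwise this check needs to be added.
                var newImagePath = await _productRepository.UpdateImageAsync(productIntId, dto.File);

                if (string.IsNullOrEmpty(newImagePath))
                {
                    return NotFound("Product not found");
                }

                return newImagePath;
            }
            catch (Exception ex) when (ex.Message.Equals("Invalid image file"))
            {
                // The message is a fixed string, so echoing it reveals no internals.
                return BadRequest(ex.Message);
            }
            catch (Exception)
            {
                // NOTE(review): the exception is dropped without being logged; the logger field
                // is not visible in this block, so logging is left to the maintainer.
                return new StatusCodeResult(StatusCodes.Status500InternalServerError);
            }
        }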
        // A non-numeric UserId ("test") that still matches the NameIdentifier claim must
        // get a BadRequestResult.
        public async Task PutImage_given_wrong_id_format_returns_BadRequest()
        {
            var malformedUserId = "test";
            var upload = new Mock<IFormFile>();

            var request = new ProductImageFormDTO
            {
                UserId = malformedUserId,
                ProductId = "1",
                File = upload.Object
            };

            var repositoryMock = new Mock<IProductRepository>();
            var loggerMock = new Mock<ILogger<ProductsController>>();
            var sut = new ProductsController(repositoryMock.Object, loggerMock.Object);

            // The controller reads User from the HttpContext, so one has to exist.
            var httpContext = new DefaultHttpContext();
            sut.ControllerContext.HttpContext = httpContext;

            // The claims are built by hand because the claimed id is not numeric.
            var callerClaims = new List<Claim>();
            callerClaims.Add(new Claim(ClaimTypes.NameIdentifier, malformedUserId));
            callerClaims.Add(new Claim(ClaimTypes.Role, UserRoleEnum.Producer.ToString()));

            // Constructed as in the original test; no later statement reads it.
            var callerIdentity = new ClaimsIdentity(callerClaims);

            // Mocked principal that reports every claim as present and exposes the list above.
            var principalMock = new Mock<ClaimsPrincipal>();
            principalMock
                .Setup(p => p.HasClaim(It.IsAny<string>(), It.IsAny<string>()))
                .Returns(true);
            principalMock.Setup(p => p.Claims).Returns(callerClaims);

            httpContext.User = principalMock.Object;

            var response = await sut.PutImage(request);

            Assert.IsType<BadRequestResult>(response.Result);
        }
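        // When the repository returns no path for the product, the controller must answer
        // with a NotFoundObjectResult carrying "Product not found".
        public async Task PutImage_given_non_existing_user_and_valid_claim_returns_NotFoundObjectResult_and_message()
        {
            var formFile = new Mock<IFormFile>();
            var userId = 1;
            // Deliberately different from the user id: PutImage as shown on this page passes
            // the parsed ProductId to UpdateImageAsync, so the setup is keyed on that value.
            var productId = 2;
            var error = "Product not found";

            var productImageFormDTO = new ProductImageFormDTO
            {
                UserId = userId.ToString(),
                ProductId = productId.ToString(),
                File = formFile.Object
            };

            var repository = new Mock<IProductRepository>();

            repository
                .Setup(r => r.UpdateImageAsync(productId, It.IsAny<IFormFile>()))
                .ReturnsAsync(default(string));

            var logger = new Mock<ILogger<ProductsController>>();

            var controller = new ProductsController(repository.Object, logger.Object);

            // The controller reads User from the HttpContext, so one has to exist.
            controller.ControllerContext.HttpContext = new DefaultHttpContext();

            var cp = MockClaimsSecurity(userId, UserRoleEnum.Producer.ToString());

            // Make the HttpContext carry the mocked claims.
            controller.ControllerContext.HttpContext.User = cp.Object;

            var put = await controller.PutImage(productImageFormDTO);

            // Assert.IsType returns the typed result, so no separate "as" cast that
            // could leave a null reference is needed.
            var notFound = Assert.IsType<NotFoundObjectResult>(put.Result);
            Assert.Equal(error, notFound.Value);
        }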
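        // A Producer updating a product under their own user id gets back the path
        // returned by the repository.
        public async Task PutImage_given_valid_id_and_image_returns_relative_path_to_file()
        {
            var userId = 1;
            // Deliberately different from the user id: PutImage as shown on this page passes
            // the parsed ProductId to UpdateImageAsync, and with equal ids the test could not
            // tell which id was forwarded.
            var productId = 2;
            var formFile = new Mock<IFormFile>();
            var fileName = "file.png";

            var productImageFormDTO = new ProductImageFormDTO
            {
                UserId = userId.ToString(),
                ProductId = productId.ToString(),
                File = formFile.Object
            };

            var repository = new Mock<IProductRepository>();

            repository
                .Setup(r => r.UpdateImageAsync(productId, It.IsAny<IFormFile>()))
                .ReturnsAsync(fileName);

            var logger = new Mock<ILogger<ProductsController>>();

            var controller = new ProductsController(repository.Object, logger.Object);

            // The controller reads User from the HttpContext, so one has to exist.
            controller.ControllerContext.HttpContext = new DefaultHttpContext();

            var cp = MockClaimsSecurity(userId, UserRoleEnum.Producer.ToString());

            // Make the HttpContext carry the mocked claims.
            controller.ControllerContext.HttpContext.User = cp.Object;

            var putImage = await controller.PutImage(productImageFormDTO);

            Assert.Equal(fileName, putImage.Value);
        }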