// A caller whose role claim is Receiver (not Producer) must get an UnauthorizedResult from PutImage.
public async Task PutImage_given_invalid_User_Role_returns_Unauthorized()
{
    // Arrange: a complete form, so the role is the only thing that can cause the rejection.
    const int callerId = 1;
    var receiverRole = UserRoleEnum.Receiver.ToString();
    var upload = new Mock<IFormFile>();
    var dto = new ProductImageFormDTO
    {
        UserId = "1",
        ProductId = "1",
        File = upload.Object
    };

    var productRepository = new Mock<IProductRepository>();
    var log = new Mock<ILogger<ProductsController>>();
    var sut = new ProductsController(productRepository.Object, log.Object);

    // The controller reads its principal from HttpContext.User, so a context must exist first.
    sut.ControllerContext.HttpContext = new DefaultHttpContext();
    var principal = MockClaimsSecurity(callerId, receiverRole);
    sut.ControllerContext.HttpContext.User = principal.Object;

    // Act
    var response = await sut.PutImage(dto);

    // Assert
    Assert.IsType<UnauthorizedResult>(response.Result);
}
// A Producer whose mocked identity (42) differs from the UserId in the form ("1") must get a ForbidResult.
public async Task PutImage_given_different_User_id_as_claim_returns_Forbidden()
{
    // Arrange: the form names user "1" ...
    var upload = new Mock<IFormFile>();
    var dto = new ProductImageFormDTO
    {
        UserId = "1",
        ProductId = "1",
        File = upload.Object
    };

    var productRepository = new Mock<IProductRepository>();
    var log = new Mock<ILogger<ProductsController>>();
    var sut = new ProductsController(productRepository.Object, log.Object);

    // ... while the principal attached to the request is built for id 42 with the accepted role.
    sut.ControllerContext.HttpContext = new DefaultHttpContext();
    var principal = MockClaimsSecurity(42, UserRoleEnum.Producer.ToString());
    sut.ControllerContext.HttpContext.User = principal.Object;

    // Act
    var response = await sut.PutImage(dto);

    // Assert
    Assert.IsType<ForbidResult>(response.Result);
}
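// When the repository rejects the upload with "Invalid image file", PutImage must answer with a
// BadRequestObjectResult.
public async Task PutImage_given_invalid_image_returns_BadRequestObjectResult()
{
    // Arrange: user id and product id are deliberately different. The controller passes the product
    // id to UpdateImageAsync, so the setup below is keyed on the product id; with equal values the
    // test could not tell the two ids apart.
    var userId = 1;
    var userIdString = "1";
    var productId = 2;
    var productIdString = "2";
    var formFile = new Mock<IFormFile>();
    var productImageFormDTO = new ProductImageFormDTO
    {
        UserId = userIdString,
        ProductId = productIdString,
        File = formFile.Object
    };

    var repository = new Mock<IProductRepository>();
    repository
        .Setup(r => r.UpdateImageAsync(productId, It.IsAny<IFormFile>()))
        .ThrowsAsync(new ArgumentException("Invalid image file"));
    var logger = new Mock<ILogger<ProductsController>>();
    var controller = new ProductsController(repository.Object, logger.Object);

    // The controller reads its principal from HttpContext.User, so a context must exist first.
    controller.ControllerContext.HttpContext = new DefaultHttpContext();
    var cp = MockClaimsSecurity(userId, UserRoleEnum.Producer.ToString());
    controller.ControllerContext.HttpContext.User = cp.Object;

    // Act
    var putImage = await controller.PutImage(productImageFormDTO);

    // Assert
    Assert.IsType<BadRequestObjectResult>(putImage.Result);
}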
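// Replaces the image of a product and returns the path reported by the repository.
//
// Results produced by this method:
//   Unauthorized  - role claim missing or not Producer (a wrong role is reported as 401 here, not 403)
//   Forbid        - NameIdentifier claim missing or different from dto.UserId
//   BadRequest    - no form data, ids that are not integers, or an "Invalid image file" exception
//   NotFound      - the repository returned a null or empty path
//   500           - any other exception
//
// NOTE(review): dto.UserId is a form field chosen by the caller, so the identity check below only
// shows that the caller sent their own id. The product is selected by dto.ProductId alone, and
// UpdateImageAsync is not given the caller's id, so nothing in this method ties the product to the
// caller. Confirm that the repository enforces ownership, or pass the claim id down and check it there.
public async Task<ActionResult<string>> PutImage([FromForm] ProductImageFormDTO dto)
{
    // FirstOrDefault instead of First: a principal without the claim is rejected cleanly instead of
    // raising InvalidOperationException outside the try block.
    var claimRole = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Role);
    if (claimRole is null || !claimRole.Value.Equals(UserRoleEnum.Producer.ToString()))
    {
        return Unauthorized();
    }

    if (dto is null)
    {
        return BadRequest();
    }

    // Identity check of the current user: if the ids don't match, updating is forbidden.
    var claimId = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.NameIdentifier);
    if (claimId is null || !claimId.Value.Equals(dto.UserId))
    {
        return Forbid();
    }

    try
    {
        // The user id is parsed only to validate its format; its value is not used afterwards.
        if (!int.TryParse(dto.UserId, out _) || !int.TryParse(dto.ProductId, out int productIntId))
        {
            return BadRequest();
        }

        var newImagePath = await _productRepository.UpdateImageAsync(productIntId, dto.File);
        if (string.IsNullOrEmpty(newImagePath))
        {
            return NotFound("Product not found");
        }

        return newImagePath;
    }
    catch (Exception ex) when (string.Equals(ex.Message, "Invalid image file", StringComparison.Ordinal))
    {
        // Matching on the message text is brittle: it breaks as soon as the thrower changes or
        // extends the wording. Kept because it is the only signal this method has for a bad upload.
        return BadRequest(ex.Message);
    }
    catch (Exception)
    {
        // The exception is dropped without being logged in this method; the client only sees a bare 500.
        return new StatusCodeResult(StatusCodes.Status500InternalServerError);
    }
}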
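// A user id that is not an integer ("test") must produce a BadRequestResult, even though the role
// and the identity check both pass.
public async Task PutImage_given_wrong_id_format_returns_BadRequest()
{
    // Arrange
    var formFile = new Mock<IFormFile>();
    var idString = "test";
    var productId = "1";
    var productImageFormDTO = new ProductImageFormDTO
    {
        UserId = idString,
        ProductId = productId,
        File = formFile.Object
    };

    var repository = new Mock<IProductRepository>();
    var logger = new Mock<ILogger<ProductsController>>();
    var controller = new ProductsController(repository.Object, logger.Object);

    // The controller reads its principal from HttpContext.User, so a context must exist first.
    controller.ControllerContext.HttpContext = new DefaultHttpContext();

    // The claims are built by hand here because the NameIdentifier has to carry the same
    // non-numeric string as the form; otherwise the identity check would answer Forbid first.
    var claims = new List<Claim>()
    {
        new Claim(ClaimTypes.NameIdentifier, idString),
        new Claim(ClaimTypes.Role, UserRoleEnum.Producer.ToString())
    };

    // Mock the principal so the HttpContext exposes exactly these claims.
    var claimsPrincipalMock = new Mock<ClaimsPrincipal>();
    claimsPrincipalMock
        .Setup(m => m.HasClaim(It.IsAny<string>(), It.IsAny<string>()))
        .Returns(true);
    claimsPrincipalMock.Setup(m => m.Claims).Returns(claims);
    controller.ControllerContext.HttpContext.User = claimsPrincipalMock.Object;

    // Act
    var putImage = await controller.PutImage(productImageFormDTO);

    // Assert
    Assert.IsType<BadRequestResult>(putImage.Result);
}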
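// When the repository returns no path, PutImage must answer NotFound with "Product not found".
// The method name says "non_existing_user", but what is simulated is the repository returning null,
// which the controller reports as a missing product.
public async Task PutImage_given_non_existing_user_and_valid_claim_returns_NotFoundObjectResult_and_message()
{
    // Arrange: user id and product id are deliberately different. The controller passes the product
    // id to UpdateImageAsync, so the setup below is keyed on the product id.
    var formFile = new Mock<IFormFile>();
    var userId = 1;
    var userIdString = "1";
    var productId = 2;
    var productIdString = "2";
    var error = "Product not found";
    var productImageFormDTO = new ProductImageFormDTO
    {
        UserId = userIdString,
        ProductId = productIdString,
        File = formFile.Object
    };

    var repository = new Mock<IProductRepository>();
    repository
        .Setup(r => r.UpdateImageAsync(productId, It.IsAny<IFormFile>()))
        .ReturnsAsync(default(string));
    var logger = new Mock<ILogger<ProductsController>>();
    var controller = new ProductsController(repository.Object, logger.Object);

    // The controller reads its principal from HttpContext.User, so a context must exist first.
    controller.ControllerContext.HttpContext = new DefaultHttpContext();
    var cp = MockClaimsSecurity(userId, UserRoleEnum.Producer.ToString());
    controller.ControllerContext.HttpContext.User = cp.Object;

    // Act
    var put = await controller.PutImage(productImageFormDTO);

    // Assert: IsType returns the typed result, so a wrong result type fails with a clear assertion
    // message instead of a NullReferenceException from an 'as' cast.
    var notFound = Assert.IsType<NotFoundObjectResult>(put.Result);
    Assert.Equal(error, notFound.Value);
}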
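// With a Producer role, a matching identity and a repository that accepts the upload, PutImage must
// return the path string the repository produced.
public async Task PutImage_given_valid_id_and_image_returns_relative_path_to_file()
{
    // Arrange: user id and product id are deliberately different. The controller passes the product
    // id to UpdateImageAsync, so the setup below is keyed on the product id; with equal values the
    // test would still pass if the controller handed over the user id by mistake.
    var userId = 1;
    var userIdString = "1";
    var productId = 2;
    var productIdString = "2";
    var formFile = new Mock<IFormFile>();
    var fileName = "file.png";
    var productImageFormDTO = new ProductImageFormDTO
    {
        UserId = userIdString,
        ProductId = productIdString,
        File = formFile.Object
    };

    var repository = new Mock<IProductRepository>();
    repository
        .Setup(r => r.UpdateImageAsync(productId, It.IsAny<IFormFile>()))
        .ReturnsAsync(fileName);
    var logger = new Mock<ILogger<ProductsController>>();
    var controller = new ProductsController(repository.Object, logger.Object);

    // The controller reads its principal from HttpContext.User, so a context must exist first.
    controller.ControllerContext.HttpContext = new DefaultHttpContext();
    var cp = MockClaimsSecurity(userId, UserRoleEnum.Producer.ToString());
    controller.ControllerContext.HttpContext.User = cp.Object;

    // Act
    var putImage = await controller.PutImage(productImageFormDTO);

    // Assert
    Assert.Equal(fileName, putImage.Value);
}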