public void Should_Throw_SecurityException_If_User_Does_Not_Belong_To_Group() { //ARRANGE var testSubjectUserId = 3; var groupId = 10; var group = new GroupEntity { GroupId = groupId, UserGroups = new List <UserGroupEntity> { new UserGroupEntity { GroupId = groupId, UserId = 1 }, new UserGroupEntity { GroupId = groupId, UserId = 2 } } }; //ACT && ASSERT Assert.Throws <SecurityException>(() => SecurityAssertions.AssertThatUserBelongsToGroup(group, testSubjectUserId)); }
public CloudBlockBlob GetAttachmentForNote(int userId, int noteId) { var note = GetNote(noteId); SecurityAssertions.AssertThatUserBelongsToGroup(note.Group, userId); var file = GetBlobFromStorage(note.AttachmentIdentity); return(file); }
public void Should_Throw_SecurityException_If_Non_Creator_Tries_To_Manage_Note() { //ARRANGE var note = new NoteEntity { CreatorId = 1 }; var userId = 235453; //ACT && ASSERT Assert.Throws <SecurityException>(() => SecurityAssertions.AssertThatIssuerIsAuthorizedToManageNote(note, userId)); }
public void Group_Creator_Should_Be_Able_To_Delete_Note(int groupCreatorId, int noteCreatorId) { //ARRANGE var note = new NoteEntity { CreatorId = noteCreatorId }; var group = new GroupEntity { CreatorId = groupCreatorId }; var userId = groupCreatorId; //ACT && ASSERT Assert.DoesNotThrow(() => SecurityAssertions.AssertThatIssuerIsAuthorizedToDeleteNote(note, group, userId)); }
public void Should_Throw_SecurityException_If_Non_Creator_Tries_To_Delete_Note(int groupCreatorId, int noteCreatorId) { //ARRANGE var group = new GroupEntity { CreatorId = groupCreatorId }; var note = new NoteEntity { CreatorId = noteCreatorId }; var userId = 20; //ACT && ASSERT Assert.Throws <SecurityException>(() => SecurityAssertions.AssertThatIssuerIsAuthorizedToDeleteNote(note, group, userId)); }
private void AssertThatRequestCameFromCreator(GroupEntity group, int userId) { SecurityAssertions.AssertThatIssuerIsAuthorizedToManageGroup(group, userId); }
private void AssertThatRequestCameFromCreator(NoteEntity note, int userId) { SecurityAssertions.AssertThatIssuerIsAuthorizedToManageNote(note, userId); }
private void AssertThatRequestCameFromCreatorOrGroupAdmin(NoteEntity note, GroupEntity group, int userId) { SecurityAssertions.AssertThatIssuerIsAuthorizedToDeleteNote(note, group, userId); }