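/// <summary>
/// Replaces the scopes assigned to a security role with the ids supplied in <paramref name="model"/>.
/// A null or empty scope list clears the role's scopes.
/// </summary>
/// <param name="model">Carries the target role id and the scope ids to assign. Its <c>Scopes</c> property
/// is replaced with a new empty list when it arrives null or empty.</param>
/// <param name="user">Principal making the request; passed to the authorization check together with
/// <c>AuthorizationScopes.ManageRoles</c>.</param>
/// <exception cref="ReferencedObjectDoesNotExistException">The role, or one of the requested scopes,
/// does not exist.</exception>
/// <remarks>Exceptions raised by the authorization check propagate to the caller unchanged.</remarks>
public void SetRoleScopes(SetRoleScopesModel model, ClaimsPrincipal user)
{
    // Authorization runs before any repository access, so a caller who fails the check
    // learns nothing about which role or scope ids exist.
    authorizationLogic.IsAuthorizedThrowsException(AuthorizationScopes.ManageRoles, user, model, EventCategory.RoleManagementSetScopes);

    SecurityRole role = configurationRepository.Get<SecurityRole>(model.RoleId);
    if (role == null)
    {
        // Without this guard an unknown role id surfaces later as a NullReferenceException
        // on the assignment to role.Scopes.
        throw new ReferencedObjectDoesNotExistException("Requested role does not exist");
    }

    List<Scope> validScopes = authorizationLogic.GetAvailibleScopes();

    if (model.Scopes != null && model.Scopes.Any())
    {
        // Build the lookup once instead of re-projecting validScopes for every requested id.
        HashSet<Guid> validScopeIds = new HashSet<Guid>(validScopes.Select(item => item.Id));

        // NOTE(review): this only confirms that each requested scope exists. Whether a holder of
        // ManageRoles may grant scopes they do not hold themselves is not decided here; confirm
        // that is the intended policy.
        foreach (Guid scope in model.Scopes)
        {
            if (!validScopeIds.Contains(scope))
            {
                throw new ReferencedObjectDoesNotExistException("Requested scope does not exist");
            }
        }
    }
    else
    {
        model.Scopes = new List<Guid>();
    }

    // The role is persisted only after every requested id has been validated.
    role.Scopes = model.Scopes;
    configurationRepository.Update<SecurityRole>(role);
}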
/// <summary>
/// Calls SetRoleScopes with a freshly generated scope id while the mocked authorization logic
/// reports a single available scope.
/// </summary>
/// <remarks>
/// No assertion is visible in this listing; the exception named in the method name is presumably
/// declared by a test attribute that is not shown. TODO confirm.
/// </remarks>
public void RoleManagementLogic_SetRoleScopes_InvalidScopeProvided_ThrowsReferencedObjectDoesNotExistException()
{
    // Repository mock: any role lookup returns this role.
    var storedRole = new SecurityRole { Name = "TestRole", Id = Guid.NewGuid() };
    var repositoryMock = new Mock<IConfigurationRepository>();
    repositoryMock.Setup(x => x.Get<SecurityRole>(It.IsAny<Guid>())).Returns(storedRole);

    // Authorization mock: only IsAuthorized and GetAvailibleScopes are configured here;
    // IsAuthorizedThrowsException is left without a setup.
    var availableScopes = new List<Scope> { new Scope("TestScope", AuthorizationScopes.ManageRoles) };
    var authorizationMock = new Mock<IAuthorizationLogic>();
    authorizationMock.Setup(x => x.IsAuthorized(It.IsAny<Guid>(), It.IsAny<ClaimsPrincipal>())).Returns(true);
    authorizationMock.Setup(x => x.GetAvailibleScopes()).Returns(availableScopes);

    // Request carrying one scope id generated on the spot.
    var request = new SetRoleScopesModel
    {
        RoleId = Guid.Empty,
        Scopes = new List<Guid> { Guid.NewGuid() }
    };

    var sut = new RoleManagementLogic(repositoryMock.Object, authorizationMock.Object);
    sut.SetRoleScopes(request, null);
}
/// <summary>
/// Calls SetRoleScopes while the mocked authorization check for
/// <c>AuthorizationScopes.ManageRoles</c> throws <see cref="UnauthorizedAccessException"/>.
/// </summary>
/// <remarks>
/// No assertion is visible in this listing; the expected exception is presumably declared by a
/// test attribute that is not shown. TODO confirm.
/// </remarks>
public void RoleManagementLogic_SetRoleScopes_UnauthorizedUser_ThrowsUnauthorizedAccessException()
{
    var authorizationMock = new Mock<IAuthorizationLogic>();
    authorizationMock
        .Setup(x => x.IsAuthorizedThrowsException(
            AuthorizationScopes.ManageRoles,
            It.IsAny<ClaimsPrincipal>(),
            It.IsAny<ILoggableEntity>(),
            It.IsAny<EventCategory>()))
        .Throws(new UnauthorizedAccessException());

    // The repository argument is null: if the logic touched the repository before the
    // authorization check threw, this test would hit a null dereference instead.
    var sut = new RoleManagementLogic(null, authorizationMock.Object);

    var request = new SetRoleScopesModel { RoleId = Guid.Empty };
    sut.SetRoleScopes(request, null);
}
/// <summary>
/// Endpoint that forwards a scope assignment for <paramref name="roleId"/> to the role-management
/// logic on behalf of the current <c>User</c>.
/// </summary>
/// <param name="roleId">Id of the role to modify; it overwrites any <c>RoleId</c> deserialized from the body.</param>
/// <param name="model">Request body holding the scope ids to assign.</param>
/// <returns>The result produced by <c>http.RespondSuccess()</c>.</returns>
public JsonResult SetRoleScopes(Guid roleId, [FromBody] SetRoleScopesModel model)
{
    // NOTE(review): model is dereferenced without a null check; confirm the framework rejects a
    // missing or undeserializable body before this action runs.
    // The roleId parameter always wins, so a body cannot redirect the change to a different role.
    model.RoleId = roleId;

    // No authorization check is visible in this action itself; presumably it is enforced inside
    // roleManagement.SetRoleScopes using the User principal passed here. Verify against that class.
    roleManagement.SetRoleScopes(model, User);

    JsonResult response = http.RespondSuccess();
    return response;
}