public async Task allow_to_view_grades_if_the_user_have_permission()
{
    // Allow path: a subject that was given the Teacher role must receive 200 OK
    // from the grades endpoint on each entry of `servers`.
    // NOTE(review): only the positive authorization decision is asserted here;
    // confirm a matching deny case (subject without the role) exists in the suite.
    var app = await fixture.GivenAnApplication();
    var teacher = await fixture.GivenAnSubject(Subs.Teacher);
    await fixture.GivenARole(Roles.Teacher, app, teacher);

    foreach (var host in servers)
    {
        var builder = host.CreateRequest(Api.School.GetGrades);

        // The request identity is built from the seeded subject's Sub value.
        var identity = new Fixture().Sub(teacher.Sub);
        var reply = await builder.WithIdentity(identity).GetAsync();

        reply.StatusCode.Should().Be(StatusCodes.Status200OK);
    }
}
public async Task allow_to_view_grades_if_the_policie_is_satisfied()
{
    // Allow path for the policy-backed endpoint: with the Teacher role assigned and
    // the "abac-policy" policy registered for the application, the request must
    // come back as 200 OK on each entry of `servers`.
    // NOTE(review): the method name mentions grades, but the endpoint requested is
    // Api.School.GetAbacPolicy. Confirm that is the intended target.
    var app = await fixture.GivenAnApplication();
    var teacher = await fixture.GivenAnSubject(Subs.Teacher);
    await fixture.GivenARole(Roles.Teacher, app, teacher);
    await fixture.GivenAPolicy(app, "abac-policy", AbacPolicies.Substitute);

    foreach (var host in servers)
    {
        var builder = host.CreateRequest(Api.School.GetAbacPolicy);

        // The request identity is built from the seeded subject's Sub value.
        var identity = new Fixture().Sub(teacher.Sub);
        var reply = await builder.WithIdentity(identity).GetAsync();

        reply.StatusCode.Should().Be(StatusCodes.Status200OK);
    }
}
public async Task allow_to_view_grades_if_the_user_is_authenticated_with_balea_schema_and_belongs_to_the_teacher_role()
{
    // Same allow path as the plain grades test, but the identity is attached under
    // BaleaScheme. Besides requiring a success status, the test inspects the
    // response body, which is deserialized as a string array.
    var app = await fixture.GivenAnApplication();
    var teacher = await fixture.GivenAnSubject(Subs.Teacher);
    await fixture.GivenARole(Roles.Teacher, app, teacher);

    foreach (var host in servers)
    {
        var builder = host.CreateRequest(Api.School.GetGrades);

        // The request identity is built from the seeded subject's Sub value.
        var identity = new Fixture().Sub(teacher.Sub);
        var reply = await builder.WithIdentity(identity, BaleaScheme).GetAsync();

        await reply.IsSuccessStatusCodeOrThrow();

        var payload = await reply.Content.ReadAsStringAsync();
        var schemes = JsonConvert.DeserializeObject<string[]>(payload);

        // Exactly two entries are expected: BaleaScheme and the literal "Balea".
        // NOTE(review): presumably these are the authentication schemes seen by the
        // endpoint. Confirm against the controller.
        schemes.Should().HaveCount(2);
        schemes.Should().Contain(BaleaScheme);
        schemes.Should().Contain("Balea");
    }
}