public async Task GetAccounts_WithoutAccess_ShouldFail()
{
Bogus.Faker faker = new Bogus.Faker();
var identity = faker.Random.Identity();
var accountUserFaker = new Common.Fakers.AccountUserFaker();
var master = accountUserFaker.Generate();
var newAccountUserFaker = accountUserFaker
.RuleFor(au => au.UserId, master.UserId)
.RuleFor(au => au.UserDescription, master.AccountDescription);
var originalAccountUserList = newAccountUserFaker.Generate(3);
var mockAuthorizationService = new Mock <IAuthorizationService>();
mockAuthorizationService.Setup(a => a.CheckAuthorizedUser(identity, master.UserId, AccessType.Read)).ReturnsAsync(false);
var mockUserRepository = new Mock <IUserRepository>();
mockUserRepository.Setup(ur => ur.GetAccounts(master.UserId)).ReturnsAsync(originalAccountUserList);
var userQueryHandler = new UserQueryHandler(mockAuthorizationService.Object, mockUserRepository.Object);
await Assert.ThrowsAsync <UnauthorizedAccessException>(async() => await userQueryHandler.GetAccounts(identity, master.UserId));
mockUserRepository.VerifyNoOtherCalls();
}
public async Task GetAccounts_ShouldSucceed()
{
Bogus.Faker faker = new Bogus.Faker();
var identity = faker.Random.Identity();
var accountUserFaker = new Common.Fakers.AccountUserFaker();
var master = accountUserFaker.Generate();
var newAccountUserFaker = accountUserFaker
.RuleFor(au => au.UserId, master.UserId)
.RuleFor(au => au.UserDescription, master.AccountDescription);
var originalAccountUserList = newAccountUserFaker.Generate(3);
var mockAuthorizationService = new Mock <IAuthorizationService>();
mockAuthorizationService.Setup(a => a.CheckAuthorizedUser(identity, master.UserId, AccessType.Read)).ReturnsAsync(true);
var mockUserRepository = new Mock <IUserRepository>();
mockUserRepository.Setup(ur => ur.GetAccounts(master.UserId)).ReturnsAsync(originalAccountUserList);
var userQueryHandler = new UserQueryHandler(mockAuthorizationService.Object, mockUserRepository.Object);
var accountUserList = await userQueryHandler.GetAccounts(identity, master.UserId);
originalAccountUserList.ShouldDeepEqual(accountUserList);
mockAuthorizationService.Verify(a => a.CheckAuthorizedUser(identity, master.UserId, AccessType.Read));
mockAuthorizationService.VerifyNoOtherCalls();
mockUserRepository.Verify(ur => ur.GetAccounts(master.UserId));
mockUserRepository.VerifyNoOtherCalls();
}
