public void When_no_authorization_rules_have_been_configured_for_a_given_command_then_checks_are_unauthorized() { var customer = new Customer(); var account = new CustomerAccount(); var addEmail = new ChangeEmailAddress(); customer.IsAuthorizedTo(addEmail, account) .Should().Be(false); }
public void AuthorizationPolicy_For_returns_an_instance_based_on_the_actual_rather_than_declared_type_of_the_principal() { AuthorizationFor<Customer>.ToApply<Cancel>.ToA<Order> .Requires((a, b, c) => true); IPrincipal iprincipal = new Customer(); var customer = new Customer(); var cancel = new Cancel(); var order = new Order(); iprincipal.IsAuthorizedTo(cancel, order).Should().Be(true); customer.IsAuthorizedTo(cancel, order).Should().Be(true); }
public void IsDenied_overrides_other_authorizations() { AuthorizationFor<Customer>.ToApply<SuspendAccount>.ToA<CustomerAccount>.IsDenied(); AuthorizationFor<Customer>.ToApplyAnyCommand.ToA<CustomerAccount>.Requires((c1, c2) => c1.Id == c2.Id); Guid customerId = Guid.NewGuid(); var customerAccount = new CustomerAccount(customerId); var customerPrincipal = new Customer { Id = customerId, IsAuthenticated = true }; customerPrincipal.IsAuthorizedTo(new ChangeEmailAddress(), customerAccount) .Should().BeTrue(); customerPrincipal.IsAuthorizedTo(new SuspendAccount(), customerAccount) .Should().BeFalse(); }
public void The_event_Actor_is_set_from_the_Command_Principal() { // arrange var customer = new Customer(Any.FullName()); var serviceRepresentative = new CustomerServiceRepresentative { Name = Any.FullName() }; var command = new SpecifyShippingInfo { Principal = serviceRepresentative }; var order = new Order(new CreateOrder(customer.Name) { Principal = customer }); // act order.Apply(command); // assert order.Events() .OfType<Order.Created>() .Single() .Actor() .Should() .Be(customer.Name); order.Events() .OfType<Order.ShippingMethodSelected>() .Single() .Actor() .Should() .Be(serviceRepresentative.Name); }
public void IsDenied_does_not_need_to_specify_a_resource_type_for_the_command() { AuthorizationFor<Customer>.ToApply<UnsuspendAccount>.IsDenied(); AuthorizationFor<Customer>.ToApplyAnyCommand.ToA<CustomerAccount>.Requires((c1, c2) => c1.Id == c2.Id); Guid customerId = Guid.NewGuid(); var customerAccount = new CustomerAccount(customerId); var customerPrincipal = new Customer { Id = customerId, IsAuthenticated = true }; customerPrincipal.IsAuthorizedTo(new ChangeEmailAddress(), customerAccount) .Should().BeTrue(); customerPrincipal.IsAuthorizedTo(new UnsuspendAccount(), customerAccount) .Should().BeFalse(); }
public void ToApplyAnyCommand_allows_an_authorization_rule_to_be_declared_for_all_commands_for_a_given_resource_type() { var principals = new List<IPrincipal>(); var resources = new List<EventSourcedAggregate>(); AuthorizationFor<Customer>.ToApplyAnyCommand.ToA<Order> .Requires((principal, resource) => { principals.Add(principal); resources.Add(resource); return true; }); var customer = new Customer(); var order1 = new Order(); var order2 = new Order(); customer.IsAuthorizedTo(new Cancel(), order1) .Should().BeTrue(); customer.IsAuthorizedTo(new Place(), order2) .Should().BeTrue(); principals.Should().Contain(customer); resources.Should().Contain(order1); resources.Should().Contain(order2); }