public void Returns_NotFound_if_service_returns_null() { // Given context.RouteData.Values["learningLogItemId"] = LearningLogItemId; A.CallTo(() => actionPlanService.VerifyDelegateCanAccessActionPlanResource(LearningLogItemId, DelegateId)) .Returns(null); // When new VerifyDelegateCanAccessActionPlanResource(actionPlanService).OnActionExecuting(context); // Then context.Result.Should().BeNotFoundResult(); }
public void VerifyDelegateCanAccessActionPlanResource_returns_null_if_signposting_is_deactivated() { // Given A.CallTo(() => config[ConfigurationExtensions.UseSignposting]).Returns("false"); // When var result = actionPlanService.VerifyDelegateCanAccessActionPlanResource( GenericLearningLogItemId, GenericDelegateId ); // Then using (new AssertionScope()) { result.Should().BeNull(); A.CallTo(() => learningLogItemsDataService.GetLearningLogItem(A <int> ._)).MustNotHaveHappened(); } }
public void OnActionExecuting(ActionExecutingContext context) { if (!(context.Controller is Controller controller)) { return; } // Candidate Id will be non-null as Authorize(User.Only) attribute will always be executed first // because https://docs.microsoft.com/en-us/aspnet/core/mvc/controllers/filters?view=aspnetcore-3.1#filter-types-1 var delegateId = controller.User.GetCandidateIdKnownNotNull(); var learningLogItemId = int.Parse(context.RouteData.Values["learningLogItemId"].ToString() !); var validationResult = actionPlanService.VerifyDelegateCanAccessActionPlanResource(learningLogItemId, delegateId); if (!validationResult.HasValue) { context.Result = new NotFoundResult(); } else if (!validationResult.Value) { context.Result = new RedirectToActionResult("AccessDenied", "LearningSolutions", new { }); } }