/// <summary> /// The reason this is not in the constructor is solely for the purpose of exception handling. /// If you leave this in the controller and someone who is not authenticated calls the API you will not get a tenantId not found error. /// The error will be ugly and be hard to figure out you are not authorized. /// This way if the all methods have the ClaimsAuthorize attribute on them they will first be authenticated if not get a nice error message of not authorized. /// </summary> /// <exception cref="System.Exception">No Tenant Id Found.</exception> private void Setup() { //var isAllowed = ClaimsAuthorization.CheckAccess("Get", "CustomerId", "00"); //isAllowed = true; //Get the current claims principal var identity = (ClaimsPrincipal)Thread.CurrentPrincipal; var tenant = identity.Claims.Where(c => c.Type == ClaimsConstants.TenantIdClaimType).Select(c => c.Value).SingleOrDefault(); if (string.IsNullOrEmpty(tenant)) { throw new Exception("No Tenant Id Found."); } _tenantId = Guid.Parse(tenant); _user = identity.Identity.Name; _serviceName = DispatcherServiceFactory.RetrieveServiceName(_tenantId); _iProvisioningEngineService = ProvisioningEngineServiceFactory.Create(_tenantId); _iOrderService = OrderServiceFactory.Create(_tenantId); }
public void TestInitialize() { _container = BootStrapper.Initialize(); _iProvisioningEngineService = _container.Resolve <IProvisioningEngineService>(); }