/// <summary>
/// The reason this is not in the constructor is solely for the purpose of exception handling.
/// If you leave this in the controller and someone who is not authenticated calls the API you will not get a tenantId not found error.
/// The error will be ugly and be hard to figure out you are not authorized.
/// This way if the all methods have the ClaimsAuthorize attribute on them they will first be authenticated if not get a nice error message of not authorized.
/// </summary>
/// <exception cref="System.Exception">No Tenant Id Found.</exception>
private void Setup()
{
//var isAllowed = ClaimsAuthorization.CheckAccess("Get", "CustomerId", "00");
//isAllowed = true;
//Get the current claims principal
var identity = (ClaimsPrincipal)Thread.CurrentPrincipal;
var tenant = identity.Claims.Where(c => c.Type == ClaimsConstants.TenantIdClaimType).Select(c => c.Value).SingleOrDefault();
if (string.IsNullOrEmpty(tenant))
{
throw new Exception("No Tenant Id Found.");
}
_tenantId = Guid.Parse(tenant);
_user = identity.Identity.Name;
_serviceName = DispatcherServiceFactory.RetrieveServiceName(_tenantId);
_iProvisioningEngineService = ProvisioningEngineServiceFactory.Create(_tenantId);
_iOrderService = OrderServiceFactory.Create(_tenantId);
}
public void TestInitialize()
{
_container = BootStrapper.Initialize();
_iProvisioningEngineService = _container.Resolve <IProvisioningEngineService>();
}
