public async Task UpdateJogging_Returns403UnauthorizedResultWhenUserNotOwner()
        {
            // Arrange
            var jogggingId = 1000;
            var user       = new ClaimsPrincipal(new ClaimsIdentity(new Claim[]
                                                                    { new Claim(ClaimTypes.Name, "joggeruser"), new Claim(ClaimTypes.Role, "Jogger") }));
            var jogging = await _joggingRepo.GetJoggingById(jogggingId);

            jogging.User = new User {
                UserName = "******"
            };
            var joggingUpdateDto = new JoggingUpdateDto
            {
                JoggingDate              = DateTime.Now,
                DistanceInMeters         = 5000,
                Location                 = "Philadelphia",
                JoggingDurationInMinutes = 50
            };


            _controller.ControllerContext = new ControllerContext()
            {
                HttpContext = new DefaultHttpContext {
                    User = user
                }
            };
            _controller.ControllerContext.HttpContext.Items.Add("jogging", jogging);

            // Act
            var result = await _controller.UpdateJogging(jogggingId, joggingUpdateDto) as StatusCodeResult;

            // Assert
            Assert.Equal(403, result.StatusCode);
        }
        public async Task UpdateJogging_Returns201NoContentObjectResult()
        {
            // Arrange
            var jogggingId = 1000;
            var user       = new ClaimsPrincipal(new ClaimsIdentity(new Claim[]
                                                                    { new Claim(ClaimTypes.Name, "joggeruser"), new Claim(ClaimTypes.Role, "Jogger") }));
            var jogging = await _joggingRepo.GetJoggingById(jogggingId);

            jogging.User = new User {
                UserName = "******"
            };
            var joggingUpdateDto = new JoggingUpdateDto
            {
                JoggingDate              = DateTime.Now,
                DistanceInMeters         = 5000,
                Location                 = "Philadelphia",
                JoggingDurationInMinutes = 50
            };


            _controller.ControllerContext = new ControllerContext()
            {
                HttpContext = new DefaultHttpContext {
                    User = user
                }
            };
            _controller.ControllerContext.HttpContext.Items.Add("jogging", jogging);

            // Act
            var result = await _controller.UpdateJogging(jogggingId, joggingUpdateDto);

            // Assert
            Assert.IsType <NoContentResult>(result);
        }
Esempio n. 3
0
        public async Task UpdateJogging_ReturnsBadRequestWithoutRequestBody()
        {
            var jwtToken = MockJWTTokens.CreateRoleJWTToken("Jogger", "joggeruser");

            _client.DefaultRequestHeaders.Add("Authorization", $"Bearer {jwtToken}");
            var requestBody = new JoggingUpdateDto();
            var response    = await _client.PutAsJsonAsync("/api/joggings/1000", requestBody);

            Assert.Equal(422, (int)response.StatusCode);
        }
Esempio n. 4
0
        public async Task <IActionResult> UpdateJogging(int id, [FromBody] JoggingUpdateDto joggingUpdateDto)
        {
            var claimsIdentity = this.User.Identity as ClaimsIdentity;
            var userName       = claimsIdentity.FindFirst(ClaimTypes.Name)?.Value;
            var role           = claimsIdentity.FindFirst(ClaimTypes.Role)?.Value;
            var jogging        = HttpContext.Items["jogging"] as Jogging;

            if (joggingUpdateDto == null)
            {
                return(BadRequest("joggingUpdateDto object is null"));
            }
            if (role != "Admin" && jogging.User.UserName != userName)
            {
                return(StatusCode(403));
            }

            var searchDate = joggingUpdateDto.JoggingDate;
            WeatherServiceResult weatherResult;

            if (searchDate < DateTime.Today)
            {
                weatherResult = await _weatherManager.GetHistoryWeather(joggingUpdateDto.Location, searchDate);
            }
            else
            {
                weatherResult = await _weatherManager.GetCurrentOrForecast(joggingUpdateDto.Location, searchDate);
            }

            if (weatherResult != null && weatherResult.Succeeded)
            {
                jogging.TemperatureC             = weatherResult.TempC;
                jogging.TemperatureF             = weatherResult.TempF;
                jogging.WeatherCondition         = weatherResult.WeatherCondition;
                jogging.humidity                 = weatherResult.Humidity;
                jogging.DistanceInMeters         = joggingUpdateDto.DistanceInMeters;
                jogging.JoggingDurationInMinutes = joggingUpdateDto.JoggingDurationInMinutes;
                jogging.Location                 = joggingUpdateDto.Location;
                jogging.DateUpdated              = DateTime.Now;
                _repo.UpdateJogging(jogging);
                _repo.Save();

                return(NoContent());
            }
            else
            {
                return(StatusCode(422, new { Success = false, weatherResult.ErrorMessage }));
            }
        }
Esempio n. 5
0
        public async Task UpdateJogging_Returns403ForbiddenWhenUserIsNotOwnerOfJogging()
        {
            var jwtToken = MockJWTTokens.CreateRoleJWTToken("Jogger", "userWithoutJoggings");

            _client.DefaultRequestHeaders.Add("Authorization", $"Bearer {jwtToken}");
            var requestBody = new JoggingUpdateDto
            {
                JoggingDate              = new DateTime(2020, 10, 29),
                DistanceInMeters         = 5000,
                Location                 = "Philadelphia",
                JoggingDurationInMinutes = 30,
            };
            var response = await _client.PutAsJsonAsync("/api/joggings/1000", requestBody);

            Assert.Equal(403, (int)response.StatusCode);
        }
Esempio n. 6
0
        public async Task UpdateJogging_Returns404NotFound()
        {
            var jwtToken = MockJWTTokens.CreateRoleJWTToken("Admin", "adminuser");

            _client.DefaultRequestHeaders.Add("Authorization", $"Bearer {jwtToken}");
            var requestBody = new JoggingUpdateDto
            {
                JoggingDate              = new DateTime(2020, 10, 29),
                DistanceInMeters         = 5000,
                Location                 = "Philadelphia",
                JoggingDurationInMinutes = 30,
            };
            var response = await _client.PutAsJsonAsync("/api/joggings/654651", requestBody);

            Assert.Equal(404, (int)response.StatusCode);
        }