public async Task Evaluate_should_return_matched_permissions() { _policy.Roles.AddRange(new[] { new Role { Name = "role", Subjects = { "1" } }, new Role { Name = "xoxo", Subjects = { "2" } }, }); _policy.Permissions.AddRange(new[] { new Permission { Name = "a", Roles = { "role" } }, new Permission { Name = "c", Roles = { "role" } }, new Permission { Name = "b", Roles = { "xoxo" } }, }); var user = TestUser.Create("1"); var result = await LocalPolicyService.EvaluateAsync(user, _policy); result.Permissions.Should().BeEquivalentTo(new[] { "a", "c" }); }
public async Task Evaluate_should_not_allow_identity_roles_to_match_permissions() { _policy.Permissions.AddRange(new[] { new Permission { Name = "perm", Roles = { "role" } }, }); var user = TestUser.Create("1", roles: new[] { "role" }); var result = await LocalPolicyService.EvaluateAsync(user, _policy); result.Permissions.Should().BeEmpty(); }
public async Task Evaluate_should_return_remove_duplicate_roles() { _policy.Roles.AddRange(new[] { new Role { Name = "a", Subjects = { "1" } }, new Role { Name = "a", Subjects = { "1" } }, }); var user = TestUser.Create("1"); var result = await LocalPolicyService.EvaluateAsync(user, _policy); result.Roles.Should().BeEquivalentTo(new[] { "a" }); }
public async Task Evaluate_should_not_return_unmatched_roles() { _policy.Roles.AddRange(new[] { new Role { Name = "c", Subjects = { "2" } }, new Role { Name = "a", Subjects = { "3" } }, new Role { Name = "b", Subjects = { "2" } }, }); var user = TestUser.Create("1"); var result = await LocalPolicyService.EvaluateAsync(user, _policy); result.Roles.Should().BeEmpty(); }
public void Evaluate_should_require_user() { Func <Task> a = () => LocalPolicyService.EvaluateAsync(null, _policy); a.Should().Throw <ArgumentNullException>(); }