Esempio n. 1
0
        public async void HandleRequirementAsync_WillNotSucceed_WhenUser_DoesNotHavePermission()
        {
            var mockAccessControlService = new Mock <IAccessControlService>();
            var mockLoggerFactory        = new Mock <ILoggerFactory>();

            //GetAll here returns no permissions for this user, user needs MKD_SCENARIO_CREATE to meet the requirement.
            mockAccessControlService.Setup(x => x.GetAll(It.IsAny <string>())).Returns(new SmOrganisationData()
            {
                Permissions = new List <SmPermission>()
            });
            mockLoggerFactory.Setup(x => x.CreateLogger(It.IsAny <string>())).Returns(new Mocklogger());

            var user = new ClaimsPrincipal(new ClaimsIdentity(new List <Claim> {
                new Claim(ClaimTypes.Email, "*****@*****.**")
            }));
            var requirement = new ServerAuthorizationRequirement(Policies.MKD_SCENARIO_CREATE);

            var filterContext = new AuthorizationFilterContext(
                new Microsoft.AspNetCore.Mvc.ActionContext(new MockHttpContext {
            },
                                                           new Microsoft.AspNetCore.Routing.RouteData {
            },
                                                           new Microsoft.AspNetCore.Mvc.Abstractions.ActionDescriptor())
                , new List <IFilterMetadata> {
            });

            var authzContext = new AuthorizationHandlerContext(new List <IAuthorizationRequirement> {
                requirement
            }, user, filterContext);

            var authzHandler = new ServerAuthorizationHandler(mockLoggerFactory.Object, mockAccessControlService.Object);
            await authzHandler.HandleAsync(authzContext);

            Assert.False(authzContext.HasSucceeded);
        }
Esempio n. 2
0
        public async void HandleRequirementAsync_WillNotSucceed_When_EmailAddress_IsNotValid()
        {
            var mockAccessControlService = new Mock <IAccessControlService>();
            var mockLoggerFactory        = new Mock <ILoggerFactory>();

            //GetAll here returns no permissions for this user, user needs MKD_SCENARIO_CREATE to meet the requirement.
            mockAccessControlService.Setup(x => x.GetAll(It.IsAny <string>())).Returns(
                new SmOrganisationData
            {
                Permissions = new List <SmPermission>()
                {
                    new SmPermission {
                        PermissionCode = Policies.MKD_SCENARIO_CREATE
                    }
                }
            }
                );

            mockLoggerFactory.Setup(x => x.CreateLogger(It.IsAny <string>())).Returns(new Mocklogger());

            var user = new ClaimsPrincipal(new ClaimsIdentity(new List <Claim> {
                new Claim(ClaimTypes.Email, "invalidEmailString")
            }));
            var requirement = new ServerAuthorizationRequirement(Policies.MKD_SCENARIO_CREATE);

            var authzContext = new AuthorizationHandlerContext(new List <IAuthorizationRequirement> {
                requirement
            }, user, null);

            var authzHandler = new ServerAuthorizationHandler(mockLoggerFactory.Object, mockAccessControlService.Object);
            await authzHandler.HandleAsync(authzContext);

            Assert.False(authzContext.HasSucceeded);
        }