Esempio n. 1
0
        public void Setup()
        {
            LogHelper.ConfigureConsoleLogger();

            var tenantGuid = Guid.NewGuid();

            _tenantIdProvider = Substitute.For <ITenantIdProvider>();
            _tenantIdProvider.GetTenantId().Returns(tenantGuid);

            _accessChecker = new TenantEntityAccessChecker(
                _tenantIdProvider, Substitute.For <ILogger <TenantEntityAccessChecker> >());

            _entity = new TenantOwnedEntity {
                Id = Guid.NewGuid(), TenantId = tenantGuid
            };
            _wrongTenantEntity = new TenantOwnedEntity {
                Id = Guid.NewGuid(), TenantId = Guid.NewGuid()
            };
            _nonTenantEntity = new TenantOwnedEntity {
                Id = Guid.NewGuid(), TenantId = Guid.Empty
            };

            _tenantContext = Substitute.For <IAccessScopeFilter>();
            _tenantContext.AddScopeFilter(Arg.Any <IQueryable <TenantOwnedEntity> >())
            .Returns(e => throw new NotImplementedException());

            SetupRepositoryAndService();
        }
        public void AccessChecker_Should_Permit_SiteUser_Update_Entity_Without_Tenant()
        {
            // Given
            var siteUserTenantIdProvider = BuildEntireSiteUserTenantIdMock();

            var accessChecker = GetAccessCheckerInstance(siteUserTenantIdProvider);

            var entity = new TenantOwnedEntity()
            {
                TenantId = Guid.Empty
            };

            // When
            accessChecker.ValidateAccessToEntityAsync(entity, EntityAction.Update);

            // Then
            // no exception is thrown
        }
Esempio n. 3
0
        public void AccessChecker_Should_Permit_SiteUser_Delete_Entity_Own_Tenant()
        {
            // Given
            var tenantIdProvider = BuildTenantIdProviderForTenantUser();

            var accessChecker = GetAccessCheckerInstance(tenantIdProvider);

            var entity = new TenantOwnedEntity()
            {
                TenantId = tenantIdProvider.GetTenantId()
            };

            // When
            accessChecker.ValidateAccessToEntityAsync(entity, EntityAction.Delete);

            // Then
            // no exception is thrown
        }
Esempio n. 4
0
        public void AccessChecker_Should_NOT_Permit_SiteUser_Read_Entity_Without_Tenant()
        {
            // Given
            var tenantIdProvier = BuildTenantIdProviderForTenantUser();

            var accessChecker = GetAccessCheckerInstance(tenantIdProvier);

            var entity = new TenantOwnedEntity()
            {
                TenantId = Guid.Empty
            };

            // When
            TestDelegate action = () => accessChecker.ValidateAccessToEntityAsync(entity, EntityAction.Read);

            // Then
            // exception is thrown
            Assert.Throws <UnauthorizedAccessException>(action);
        }
Esempio n. 5
0
        public void AccessChecker_Should_Permit_All_Operations_On_Null_Entity()
        {
            // Given
            var tenantUserContext = Substitute.For <IAccessScopeFilter>();
            var tenantIdProvider  = BuildTenantIdProviderForTenantUser();

            var accessChecker = GetAccessCheckerInstance(tenantIdProvider);

            TenantOwnedEntity entity = null;

            // When
            accessChecker.ValidateAccessToEntityAsync(entity, EntityAction.Create);
            accessChecker.ValidateAccessToEntityAsync(entity, EntityAction.Read);
            accessChecker.ValidateAccessToEntityAsync(entity, EntityAction.Update);
            accessChecker.ValidateAccessToEntityAsync(entity, EntityAction.Delete);

            // Then
            // no exception is thrown
        }
Esempio n. 6
0
        public void AccessChecker_Should_NOT_Permit_SiteUser_Delete_Entity_Wrong_Tenant()
        {
            // Given
            var tenantUserContext = BuildTenantIdProviderForTenantUser();

            var tenantIdProvider = GetAccessCheckerInstance(tenantUserContext);

            var entity = new TenantOwnedEntity()
            {
                TenantId = Guid.NewGuid()
            };

            // When
            TestDelegate action = () => tenantIdProvider.ValidateAccessToEntityAsync(entity, EntityAction.Delete);

            // Then
            // exception is thrown
            Assert.Throws <UnauthorizedAccessException>(action);
        }
Esempio n. 7
0
        public void Setup()
        {
            LogHelper.ConfigureConsoleLogger();

            _accessChecker = Substitute.For <IAccessChecker>();
            var tenantGuid = Guid.NewGuid();

            _tenantIdProvider = Substitute.For <ITenantIdProvider>();
            _tenantIdProvider.GetTenantId().Returns(tenantGuid);

            _entity = new TenantOwnedEntity {
                Id = Guid.NewGuid(), TenantId = tenantGuid
            };
            _wrongTenantEntity = new TenantOwnedEntity {
                Id = Guid.NewGuid(), TenantId = Guid.NewGuid()
            };
            _nonTenantEntity = new TenantOwnedEntity {
                Id = Guid.NewGuid(), TenantId = Guid.Empty
            };

            SetupRepositoryAndService();
        }