public void BuildActionModel_WithoutGlobalAuthorizationFilter_CustomCorsAuthorizationFilterOnAction_EnablesCorsPreflight()
{
// Arrange
var corsProvider = new CorsApplicationModelProvider(OptionsWithoutEndpointRouting);
var context = GetProviderContext(typeof(CustomCorsFilterOnActionController));
// Act
corsProvider.OnProvidersExecuting(context);
// Assert
var controller = Assert.Single(context.Result.Controllers);
var action = Assert.Single(controller.Actions);
var selector = Assert.Single(action.Selectors);
var constraint = Assert.Single(selector.ActionConstraints, c => c is HttpMethodActionConstraint);
Assert.IsType <CorsHttpMethodActionConstraint>(constraint);
}
public void OnProvidersExecuting_WithoutGlobalAuthorizationFilter_CorsNotInUseDoesNotOverrideHttpConstraints()
{
// Arrange
var corsProvider = new CorsApplicationModelProvider(OptionsWithoutEndpointRouting);
var context = GetProviderContext(typeof(RegularController));
// Act
corsProvider.OnProvidersExecuting(context);
// Assert
var model = Assert.Single(context.Result.Controllers);
var action = Assert.Single(model.Actions);
var selector = Assert.Single(action.Selectors);
var constraint = Assert.Single(selector.ActionConstraints, c => c is HttpMethodActionConstraint);
Assert.IsNotType <CorsHttpMethodActionConstraint>(constraint);
}
public void OnProvidersExecuting_WithoutGlobalAuthorizationFilter_EnableCorsAttributeAddsCorsAuthorizationFilterFactory()
{
// Arrange
var corsProvider = new CorsApplicationModelProvider(OptionsWithoutEndpointRouting);
var context = GetProviderContext(typeof(CorsController));
// Act
corsProvider.OnProvidersExecuting(context);
// Assert
var model = Assert.Single(context.Result.Controllers);
Assert.Single(model.Filters, f => f is CorsAuthorizationFilterFactory);
var action = Assert.Single(model.Actions);
var selector = Assert.Single(action.Selectors);
var constraint = Assert.Single(selector.ActionConstraints, c => c is HttpMethodActionConstraint);
Assert.IsType <CorsHttpMethodActionConstraint>(constraint);
}
public void OnProvidersExecuting_WithoutGlobalAuthorizationFilter_DisableCorsGloballyEnablesCorsPreflight()
{
// Arrange
var corsProvider = new CorsApplicationModelProvider(OptionsWithoutEndpointRouting);
var context = GetProviderContext(typeof(RegularController));
context.Result.Filters.Add(new DisableCorsAuthorizationFilter());
// Act
corsProvider.OnProvidersExecuting(context);
// Assert
var model = Assert.Single(context.Result.Controllers);
var action = Assert.Single(model.Actions);
var selector = Assert.Single(action.Selectors);
var constraint = Assert.Single(selector.ActionConstraints, c => c is HttpMethodActionConstraint);
Assert.IsType <CorsHttpMethodActionConstraint>(constraint);
}
public void CreateControllerModel_CustomCorsFilter_EnablesCorsPreflight()
{
// Arrange
var corsProvider = new CorsApplicationModelProvider();
var context = GetProviderContext(typeof(CustomCorsFilterController));
// Act
corsProvider.OnProvidersExecuting(context);
// Assert
var controller = Assert.Single(context.Result.Controllers);
var action = Assert.Single(controller.Actions);
var selector = Assert.Single(action.Selectors);
var constraint = Assert.Single(selector.ActionConstraints, c => c is HttpMethodActionConstraint);
Assert.IsType <CorsHttpMethodActionConstraint>(constraint);
var httpMethodMetadata = Assert.Single(selector.EndpointMetadata.OfType <HttpMethodMetadata>());
Assert.True(httpMethodMetadata.AcceptCorsPreflight);
}
public void CreateControllerModel_CorsNotInUseDoesNotOverrideHttpConstraints()
{
// Arrange
var corsProvider = new CorsApplicationModelProvider();
var context = GetProviderContext(typeof(RegularController));
// Act
corsProvider.OnProvidersExecuting(context);
// Assert
var model = Assert.Single(context.Result.Controllers);
var action = Assert.Single(model.Actions);
var selector = Assert.Single(action.Selectors);
var constraint = Assert.Single(selector.ActionConstraints, c => c is HttpMethodActionConstraint);
Assert.IsNotType <CorsHttpMethodActionConstraint>(constraint);
var httpMethodMetadata = Assert.Single(selector.EndpointMetadata.OfType <HttpMethodMetadata>());
Assert.False(httpMethodMetadata.AcceptCorsPreflight);
}
public void BuildActionModel_EnableCorsAttributeAddsCorsAuthorizationFilterFactory()
{
// Arrange
var corsProvider = new CorsApplicationModelProvider();
var context = GetProviderContext(typeof(EnableCorsController));
// Act
corsProvider.OnProvidersExecuting(context);
// Assert
var controller = Assert.Single(context.Result.Controllers);
var action = Assert.Single(controller.Actions);
Assert.Single(action.Filters, f => f is CorsAuthorizationFilterFactory);
var selector = Assert.Single(action.Selectors);
var constraint = Assert.Single(selector.ActionConstraints, c => c is HttpMethodActionConstraint);
Assert.IsType <CorsHttpMethodActionConstraint>(constraint);
var httpMethodMetadata = Assert.Single(selector.EndpointMetadata.OfType <HttpMethodMetadata>());
Assert.True(httpMethodMetadata.AcceptCorsPreflight);
}
public void CreateControllerModel_EnableCorsGloballyEnablesCorsPreflight()
{
// Arrange
var corsProvider = new CorsApplicationModelProvider();
var context = GetProviderContext(typeof(RegularController));
context.Result.Filters.Add(
new CorsAuthorizationFilter(Mock.Of <ICorsService>(), Mock.Of <ICorsPolicyProvider>(), Mock.Of <ILoggerFactory>()));
// Act
corsProvider.OnProvidersExecuting(context);
// Assert
var model = Assert.Single(context.Result.Controllers);
var action = Assert.Single(model.Actions);
var selector = Assert.Single(action.Selectors);
var constraint = Assert.Single(selector.ActionConstraints, c => c is HttpMethodActionConstraint);
Assert.IsType <CorsHttpMethodActionConstraint>(constraint);
var httpMethodMetadata = Assert.Single(selector.EndpointMetadata.OfType <HttpMethodMetadata>());
Assert.True(httpMethodMetadata.AcceptCorsPreflight);
}
public void OnProvidersExecuting_SetsEndpointMetadata_IfCorsAttributeIsPresentOnAction()
{
// Arrange
var corsProvider = new CorsApplicationModelProvider(Options.Create(new MvcOptions()));
var context = GetProviderContext(typeof(DisableCorsActionController));
// Act
corsProvider.OnProvidersExecuting(context);
// Assert
var model = Assert.Single(context.Result.Controllers);
Assert.Empty(model.Filters);
var action = Assert.Single(model.Actions);
var selector = Assert.Single(action.Selectors);
var constraint = Assert.Single(selector.ActionConstraints, c => c is HttpMethodActionConstraint);
Assert.IsNotType <CorsHttpMethodActionConstraint>(constraint);
var httpMethodMetadata = Assert.Single(selector.EndpointMetadata.OfType <HttpMethodMetadata>());
Assert.True(httpMethodMetadata.AcceptCorsPreflight);
}
