Esempio n. 1
0
        public void AuthorizationAttribute_Test()
        {
            var sessionItems = new System.Web.SessionState.SessionStateItemCollection();
            var controllerContext = new FakeControllerContext(TestHelper.Resolve<TopicsController>(), "http://localhost", null, null, new System.Collections.Specialized.NameValueCollection(), new System.Collections.Specialized.NameValueCollection(), new System.Web.HttpCookieCollection(), sessionItems);
            var context = new AuthorizationContext(controllerContext, new FakeActionDescriptor());
            var att = new RequireAuthorizationAttribute(UserRole.Member);
            att.Routes.Add(new StrictRoute("login", new MvcRouteHandler())
            {
                Url = "login",
                Defaults = new System.Web.Routing.RouteValueDictionary(new
                {
                    controller = "Authentication",
                    action = "Login"
                })
            });
            context.Result = null;
            att.OnAuthorization(context);
            Assert.IsInstanceOfType(context.Result, typeof(RedirectResult));

            //Test with user
            User user = ServicesTests.GetTestUser();
            sessionItems["User"] = new UserState(user, AuthenticationProvider.Facebook);
            context.Result = null;
            att.OnAuthorization(context);
            Assert.IsNull(context.Result);
        }
 public static SessionStateItemCollection GetSessionWithTestUser()
 {
     SessionStateItemCollection sessionItems = new SessionStateItemCollection();
     User user = ServicesTests.GetTestUser();
     sessionItems["User"] = new UserState(user, AuthenticationProvider.Facebook);
     return sessionItems;
 }
 /// <summary>
 /// Determines if a user is authorized
 /// </summary>
 /// <param name="user"></param>
 /// <returns></returns>
 protected virtual bool IsAuthorized(UserState user)
 {
     if (user == null)
     {
         return false;
     }
     if (this.UserRole != null)
     {
         if (user.Role < this.UserRole.Value)
         {
             return false;
         }
     }
     return true;
 }