public void GetAuthorisedApplicationReviewAsync_ShouldAllowForEmployerAccountId(string applicationReviewEmployerAccountId, string requestedEmployerAccountId, bool shouldAllow) { var applicationReviewId = Guid.NewGuid(); var client = new Mock <IRecruitVacancyClient>(); client.Setup(c => c.GetApplicationReviewAsync(applicationReviewId)).Returns(Task.FromResult( new ApplicationReview { Id = applicationReviewId, EmployerAccountId = applicationReviewEmployerAccountId, VacancyReference = 1000000001 })); var rm = new ApplicationReviewRouteModel { EmployerAccountId = requestedEmployerAccountId, ApplicationReviewId = applicationReviewId }; Func <Task <ApplicationReview> > act = () => Utility.GetAuthorisedApplicationReviewAsync(client.Object, rm); if (shouldAllow) { var applicationReview = act().Result; applicationReview.EmployerAccountId.Should().Be(requestedEmployerAccountId); } else { var ex = Assert.ThrowsAsync <AuthorisationException>(act); ex.Result.Message.Should().Be($"The employer account 'ANOTHER EMPLOYER ACCOUNT ID' cannot access employer account 'EMPLOYER ACCOUNT ID' application '{applicationReviewId}' for vacancy '1000000001'."); } }
public async Task GetAuthorisedApplicationReviewAsync_ShouldAllowForProviderAssociatedUkprn() { const long requestedUkprn = 12345678; var rm = new ApplicationReviewRouteModel { Ukprn = requestedUkprn, ApplicationReviewId = _applicationReviewId, VacancyId = _vacancyId }; var applicationReview = await Utility.GetAuthorisedApplicationReviewAsync(_mockVacancyClient.Object, rm); applicationReview.Should().NotBeNull(); }
public async Task GetAuthorisedApplicationReviewAsync_ShouldAllowForAssociatedEmployerAccountId() { const string requestedEmployerAccountId = "EMPLOYER ACCOUNT ID"; var rm = new ApplicationReviewRouteModel { EmployerAccountId = requestedEmployerAccountId, ApplicationReviewId = _applicationReviewId, VacancyId = _vacancyId }; var applicationReview = await Utility.GetAuthorisedApplicationReviewAsync(_mockVacancyClient.Object, rm); applicationReview.Should().NotBeNull(); }
public async Task <ApplicationReview> GetAuthorisedApplicationReviewAsync(ApplicationReviewRouteModel rm) { var applicationReview = _vacancyClient.GetApplicationReviewAsync(rm.ApplicationReviewId); var vacancy = _vacancyClient.GetVacancyAsync(rm.VacancyId); await Task.WhenAll(applicationReview, vacancy); try { CheckAuthorisedAccess(vacancy.Result, rm.EmployerAccountId); return(applicationReview.Result); } catch (Exception) { throw new AuthorisationException(string.Format(ExceptionMessages.ApplicationReviewUnauthorisedAccess, rm.EmployerAccountId, vacancy.Result.EmployerAccountId, rm.ApplicationReviewId, vacancy.Result.Id)); } }
public async Task GetAuthorisedApplicationReviewAsync_ShouldNotAllowForProviderUnassociatedUkprn() { const long requestedUkprn = 123456789; var rm = new ApplicationReviewRouteModel { Ukprn = requestedUkprn, ApplicationReviewId = _applicationReviewId, VacancyId = _vacancyId }; Func <Task <ApplicationReview> > act = () => Utility.GetAuthorisedApplicationReviewAsync(_mockVacancyClient.Object, rm); var ex = await Assert.ThrowsAsync <AuthorisationException>(act); ex.Message.Should().Be( $"The provider account '{requestedUkprn}' cannot access provider account '{_applicationReviewUkprn}' " + $"application '{rm.ApplicationReviewId}' for vacancy '{_vacancyId}'."); }
public async Task GetAuthorisedApplicationReviewAsync_ShouldNotAllowForUnassociatedEmployerAccountId() { const string requestedEmployerAccountId = "WRONG EMPLOYER ACCOUNT ID"; var rm = new ApplicationReviewRouteModel { EmployerAccountId = requestedEmployerAccountId, ApplicationReviewId = _applicationReviewId, VacancyId = _vacancyId }; Func <Task <ApplicationReview> > act = () => Utility.GetAuthorisedApplicationReviewAsync(_mockVacancyClient.Object, rm); var ex = await Assert.ThrowsAsync <AuthorisationException>(act); ex.Message.Should().Be($"The employer account '{requestedEmployerAccountId}' " + $"cannot access employer account '{ApplicationReviewEmployerAccountId}' " + $"application '{rm.ApplicationReviewId}' for " + $"vacancy '{_vacancyId}'."); }
public async Task <ApplicationReviewViewModel> GetApplicationReviewViewModelAsync(ApplicationReviewRouteModel rm) { var applicationReview = await Utility.GetAuthorisedApplicationReviewAsync(_vacancyClient, rm); if (applicationReview.IsWithdrawn) { throw new ApplicationWithdrawnException($"Application has been withdrawn. ApplicationReviewId:{applicationReview.Id}", rm.VacancyId.Value); } return(applicationReview.ToViewModel()); }
public static async Task <ApplicationReview> GetAuthorisedApplicationReviewAsync(IRecruitVacancyClient vacancyClient, ApplicationReviewRouteModel rm) { var applicationReview = await vacancyClient.GetApplicationReviewAsync(rm.ApplicationReviewId); var vacancy = await vacancyClient.GetVacancyAsync(rm.VacancyId.GetValueOrDefault()); try { CheckAuthorisedAccess(vacancy, rm.Ukprn); return(applicationReview); } catch (Exception) { throw new AuthorisationException(string.Format(ExceptionMessages.ApplicationReviewUnauthorisedAccessForProvider, rm.Ukprn, vacancy.TrainingProvider.Ukprn, rm.ApplicationReviewId, vacancy.Id)); } }
public async Task <IActionResult> ApplicationReview(ApplicationReviewRouteModel rm) { var vm = await _orchestrator.GetApplicationReviewViewModelAsync(rm); return(View(vm)); }
public static async Task <ApplicationReview> GetAuthorisedApplicationReviewAsync(IRecruitVacancyClient client, ApplicationReviewRouteModel rm) { var applicationReview = await client.GetApplicationReviewAsync(rm.ApplicationReviewId); //TODO: this needs changing when we implement application review story if (applicationReview.EmployerAccountId == rm.Ukprn.ToString()) // needs to be reviewed { return(applicationReview); } throw new AuthorisationException(string.Format(ExceptionMessages.ApplicationReviewUnauthorisedAccess, rm.Ukprn, applicationReview.EmployerAccountId, applicationReview.Id, applicationReview.VacancyReference)); // needs to be reviewed }
public static async Task <ApplicationReview> GetAuthorisedApplicationReviewAsync(IRecruitVacancyClient client, ApplicationReviewRouteModel rm) { var applicationReview = await client.GetApplicationReviewAsync(rm.ApplicationReviewId); if (applicationReview.EmployerAccountId == rm.EmployerAccountId) { return(applicationReview); } throw new AuthorisationException(string.Format(ExceptionMessages.ApplicationReviewUnauthorisedAccess, rm.EmployerAccountId, applicationReview.EmployerAccountId, applicationReview.Id, applicationReview.VacancyReference)); }
public static async Task <ApplicationReview> GetAuthorisedApplicationReviewAsync(IRecruitVacancyClient client, ApplicationReviewRouteModel rm) { var applicationReview = await client.GetApplicationReviewAsync(rm.ApplicationReviewId); var vacancy = await client.GetVacancyAsync(rm.VacancyId); try { CheckAuthorisedAccess(vacancy, rm.EmployerAccountId); return(applicationReview); } catch (Exception) { throw new AuthorisationException(string.Format(ExceptionMessages.ApplicationReviewUnauthorisedAccess, rm.EmployerAccountId, vacancy.EmployerAccountId, rm.ApplicationReviewId, vacancy.Id)); } }