public void BuildActionModels_BaseAuthorizeFiltersAreStillValidWhenOverriden() { // Arrange var options = Options.Create(new AuthorizationOptions()); options.Value.AddPolicy("Base", policy => policy.RequireClaim("Basic").RequireClaim("Basic2")); options.Value.AddPolicy("Derived", policy => policy.RequireClaim("Derived")); var provider = new AuthorizationApplicationModelProvider( new DefaultAuthorizationPolicyProvider(options), OptionsWithoutEndpointRouting); var context = CreateProviderContext(typeof(DerivedController)); // Act provider.OnProvidersExecuting(context); // Assert var controller = Assert.Single(context.Result.Controllers); var action = Assert.Single(controller.Actions); Assert.Equal("Authorize", action.ActionName); var attributeRoutes = action.Selectors.Where(sm => sm.AttributeRouteModel != null); Assert.Empty(attributeRoutes); var authorizeFilters = action.Filters.OfType <AuthorizeFilter>(); Assert.Single(authorizeFilters); Assert.NotNull(authorizeFilters.First().Policy); Assert.Equal(3, authorizeFilters.First().Policy.Requirements.Count()); // Basic + Basic2 + Derived authorize }
private ActionModel GetBaseControllerActionModel(AuthorizationApplicationModelProvider authorizationApplicationModelProvider) { var context = CreateProviderContext(typeof(BaseController)); authorizationApplicationModelProvider.OnProvidersExecuting(context); var controller = Assert.Single(context.Result.Controllers); Assert.Empty(controller.Filters); var action = Assert.Single(controller.Actions); return(action); }
public void CreateControllerModel_AuthorizeAttributeAddsAuthorizeFilter() { // Arrange var provider = new AuthorizationApplicationModelProvider( new DefaultAuthorizationPolicyProvider(Options.Create(new AuthorizationOptions())), OptionsWithoutEndpointRouting); var controllerType = typeof(AccountController); var context = CreateProviderContext(controllerType); // Act provider.OnProvidersExecuting(context); // Assert var controller = Assert.Single(context.Result.Controllers); Assert.Single(controller.Filters, f => f is AuthorizeFilter); }
public void OnProvidersExecuting_AllowAnonymousAttribute_DoesNothing_WhenEnableRoutingIsEnabled() { // Arrange var provider = new AuthorizationApplicationModelProvider( new DefaultAuthorizationPolicyProvider(Options.Create(new AuthorizationOptions())), Options.Create(new MvcOptions())); var controllerType = typeof(AnonymousController); var context = CreateProviderContext(controllerType); // Act provider.OnProvidersExecuting(context); // Assert var controller = Assert.Single(context.Result.Controllers); Assert.Empty(controller.Filters); }
public void CreateControllerModelAndActionModel_NoAuthNoFilter() { // Arrange var provider = new AuthorizationApplicationModelProvider( new DefaultAuthorizationPolicyProvider(Options.Create(new AuthorizationOptions())), OptionsWithoutEndpointRouting); var context = CreateProviderContext(typeof(NoAuthController)); // Act provider.OnProvidersExecuting(context); // Assert var controller = Assert.Single(context.Result.Controllers); Assert.Empty(controller.Filters); var action = Assert.Single(controller.Actions); Assert.Empty(action.Filters); }
public void CreateControllerModelAndActionModel_AllowAnonymousAttributeAddsAllowAnonymousFilter() { // Arrange var provider = new AuthorizationApplicationModelProvider( new DefaultAuthorizationPolicyProvider(Options.Create(new AuthorizationOptions())), OptionsWithoutEndpointRouting); var context = CreateProviderContext(typeof(AnonymousController)); // Act provider.OnProvidersExecuting(context); // Assert var controller = Assert.Single(context.Result.Controllers); Assert.Single(controller.Filters, f => f is AllowAnonymousFilter); var action = Assert.Single(controller.Actions); Assert.Single(action.Filters, f => f is AllowAnonymousFilter); }