public void AuthorizeCoreTest2()
{
    // Exercises Auth() on an attribute constructed for two roles
    // (Ser and AgencyUser). Expected outcome per principal:
    //   unauthenticated AgencyOfficer -> denied
    //   authenticated AgencyOfficer   -> denied
    //   authenticated Admin           -> denied
    //   authenticated AgencyUser      -> allowed
    //   authenticated GlobalOfficer   -> denied
    //   authenticated Ser             -> allowed
    var attribute = new CcAuthorizeAttribute_Accessor(new[] { FixedRoles.Ser, FixedRoles.AgencyUser });
    var context = new myHttpContext();

    // A principal with neither role nor identity set. The original author asked
    // whether the user can be uninitialised and stated that the check should then
    // return false.
    // NOTE(review): the assertion for this case (against AuthorizeCore(context)) is
    // disabled, so default-deny for an uninitialised user is not verified by this
    // test. This principal is replaced before Auth() is first called.
    context.User = new myUser();

    ccEntities entities = initDB();
    bool granted;

    // Unauthenticated identity must be denied.
    // NOTE(review): the role used here (AgencyOfficer) is also outside the accepted
    // set, so this assertion alone cannot tell a rejection for IsAuthenticated ==
    // false apart from a rejection for the role. A case pairing IsAuthenticated ==
    // false with an accepted role would isolate the authentication check.
    context.User = new myUser
    {
        role = FixedRoles.AgencyOfficer,
        Identity = new myIdentity { Name = "YosiAgencyOfficer", IsAuthenticated = false }
    };
    granted = attribute.Auth(context, entities);
    Assert.IsFalse(granted);

    // Authenticated, but the role is not one of the accepted roles: denied.
    context.User = new myUser
    {
        role = FixedRoles.AgencyOfficer,
        Identity = new myIdentity { Name = "YosiAgencyOfficer", IsAuthenticated = true }
    };
    granted = attribute.Auth(context, entities);
    Assert.IsFalse(granted);

    // Admin is not in the accepted set for this attribute: denied.
    context.User = new myUser
    {
        role = FixedRoles.Admin,
        Identity = new myIdentity { Name = "YosiAdmin", IsAuthenticated = true }
    };
    // The role is assigned a second time with the value the initializer already used.
    ((myUser)context.User).role = FixedRoles.Admin;
    granted = attribute.Auth(context, entities);
    Assert.IsFalse(granted);

    // AgencyUser is one of the accepted roles: allowed.
    context.User = new myUser
    {
        role = FixedRoles.AgencyUser,
        Identity = new myIdentity { Name = "YosiAgencyUser", IsAuthenticated = true }
    };
    ((myUser)context.User).role = FixedRoles.AgencyUser;
    granted = attribute.Auth(context, entities);
    Assert.IsTrue(granted);

    // GlobalOfficer is not in the accepted set: denied.
    context.User = new myUser
    {
        role = FixedRoles.GlobalOfficer,
        Identity = new myIdentity { Name = "YosiGlobalOfficer", IsAuthenticated = true }
    };
    ((myUser)context.User).role = FixedRoles.GlobalOfficer;
    granted = attribute.Auth(context, entities);
    Assert.IsFalse(granted);

    // Ser is one of the accepted roles: allowed.
    context.User = new myUser
    {
        role = FixedRoles.Ser,
        Identity = new myIdentity { Name = "YosiSer", IsAuthenticated = true }
    };
    ((myUser)context.User).role = FixedRoles.Ser;
    granted = attribute.Auth(context, entities);
    Assert.IsTrue(granted);
}
public void AuthorizeCoreTest()
{
    // Exercises Auth() on an attribute constructed for the single role Admin.
    // Expected outcome per principal:
    //   unauthenticated AgencyOfficer -> denied
    //   authenticated AgencyOfficer   -> denied
    //   authenticated Admin           -> allowed
    //   authenticated AgencyUser      -> denied
    //   authenticated GlobalOfficer   -> denied
    //   authenticated Ser             -> denied
    var attribute = new CcAuthorizeAttribute_Accessor(FixedRoles.Admin);
    var context = new myHttpContext();

    // A principal with neither role nor identity set.
    // NOTE(review): the "should deny an empty user" assertion (against
    // AuthorizeCore(context)) is disabled, so this principal is replaced before
    // Auth() is first called and default-deny for an empty user is not verified.
    context.User = new myUser();

    ccEntities entities = initDB();
    bool granted;

    // Unauthenticated identity must be denied.
    // NOTE(review): the role used here (AgencyOfficer) differs from the accepted
    // role as well, so this assertion alone cannot tell a rejection for
    // IsAuthenticated == false apart from a rejection for the role. A case pairing
    // IsAuthenticated == false with the Admin role would isolate the
    // authentication check.
    context.User = new myUser
    {
        role = FixedRoles.AgencyOfficer,
        Identity = new myIdentity { Name = "YosiAgencyOfficer", IsAuthenticated = false }
    };
    granted = attribute.Auth(context, entities);
    Assert.IsFalse(granted);

    // Authenticated, but holding a different role: denied.
    context.User = new myUser
    {
        role = FixedRoles.AgencyOfficer,
        Identity = new myIdentity { Name = "YosiAgencyOfficer", IsAuthenticated = true }
    };
    granted = attribute.Auth(context, entities);
    Assert.IsFalse(granted);

    // Authenticated and holding the accepted role: allowed.
    context.User = new myUser
    {
        role = FixedRoles.Admin,
        Identity = new myIdentity { Name = "YosiAdmin", IsAuthenticated = true }
    };
    // The role is assigned a second time with the value the initializer already used.
    ((myUser)context.User).role = FixedRoles.Admin;
    granted = attribute.Auth(context, entities);
    Assert.IsTrue(granted);

    // AgencyUser is not the accepted role: denied.
    context.User = new myUser
    {
        role = FixedRoles.AgencyUser,
        Identity = new myIdentity { Name = "YosiAgencyUser", IsAuthenticated = true }
    };
    ((myUser)context.User).role = FixedRoles.AgencyUser;
    granted = attribute.Auth(context, entities);
    Assert.IsFalse(granted);

    // GlobalOfficer is not the accepted role: denied.
    context.User = new myUser
    {
        role = FixedRoles.GlobalOfficer,
        Identity = new myIdentity { Name = "YosiGlobalOfficer", IsAuthenticated = true }
    };
    ((myUser)context.User).role = FixedRoles.GlobalOfficer;
    granted = attribute.Auth(context, entities);
    Assert.IsFalse(granted);

    // Ser is not the accepted role: denied.
    context.User = new myUser
    {
        role = FixedRoles.Ser,
        Identity = new myIdentity { Name = "YosiSer", IsAuthenticated = true }
    };
    ((myUser)context.User).role = FixedRoles.Ser;
    granted = attribute.Auth(context, entities);
    Assert.IsFalse(granted);

    // Disabled legacy checks, written against AuthorizeCore(context) and
    // target.CurrentUser.RoleId, covered four cases: an empty user (deny), a
    // different role (deny), the same role (allow) and an "undefined" role formed
    // as FixedRoles.AgencyOfficer | FixedRoles.Admin (deny).
    // NOTE(review): the empty-user and combined-role cases have no live
    // counterpart among the Auth() assertions above.
}