public async Task HandleAsync_WithNonInternalAccess_ThrowsSecurityException(AuthorizationBuilder.UserType userType)
{
var handler = new CheckAatfCanBeDeletedHandler(AuthorizationBuilder.CreateFromUserType(userType), aatfDeletionStatus, organisationDeletionStatus, aatfDataAccess);
Func <Task> action = async() => await handler.HandleAsync(A.Dummy <CheckAatfCanBeDeleted>());
await Assert.ThrowsAsync <SecurityException>(action);
}
public async Task HandleAsync_WithNonInternalAdminRole_ThrowsSecurityException()
{
var handler = new CheckAatfCanBeDeletedHandler(new AuthorizationBuilder().DenyRole(Roles.InternalAdmin).Build(), aatfDeletionStatus, organisationDeletionStatus, aatfDataAccess);
Func <Task> action = async() => await handler.HandleAsync(A.Dummy <CheckAatfCanBeDeleted>());
await Assert.ThrowsAsync <SecurityException>(action);
}
public CheckAatfCanBeDeletedHandlerTests()
{
aatfDeletionStatus = A.Fake <IGetAatfDeletionStatus>();
organisationDeletionStatus = A.Fake <IGetOrganisationDeletionStatus>();
aatfDataAccess = A.Fake <IAatfDataAccess>();
fixture = new Fixture();
handler = new CheckAatfCanBeDeletedHandler(new AuthorizationBuilder().AllowInternalAreaAccess().Build(),
aatfDeletionStatus,
organisationDeletionStatus,
aatfDataAccess);
}
