public async Task GetEffectivePermissionsForUser_WhenUserIsAdmin_ThenReturnFullPermissions()
{
// Arrange
string specificationId = "spec123";
string userId = "testuser";
ClaimsPrincipal user = BuildClaimsPrincipal(userId, true);
IAuthorizationService authorizationService = Substitute.For <IAuthorizationService>();
IUsersApiClient usersClient = Substitute.For <IUsersApiClient>();
AuthorizationHelper authHelper = CreateAuthenticationHelper(authorizationService, usersClient);
// Act
Common.ApiClient.Users.Models.EffectiveSpecificationPermission permissions = await authHelper.GetEffectivePermissionsForUser(user, specificationId);
// Assert
permissions.CanAdministerFundingStream.Should().BeTrue("CanAdministerFundingStream");
permissions.CanApproveFunding.Should().BeTrue("CanApproveFunding");
permissions.CanApproveSpecification.Should().BeTrue("CanApproveSpecification");
permissions.CanChooseFunding.Should().BeTrue("CanChooseFunding");
permissions.CanCreateQaTests.Should().BeTrue("CanCreateQaTests");
permissions.CanCreateSpecification.Should().BeTrue("CanCreateSpecification");
permissions.CanEditCalculations.Should().BeTrue("CanEditCalculations");
permissions.CanEditQaTests.Should().BeTrue("CanEditQaTests");
permissions.CanEditSpecification.Should().BeTrue("CanEditSpecification");
permissions.CanMapDatasets.Should().BeTrue("CanMapDatasets");
permissions.CanPublishFunding.Should().BeTrue("CanPublishFunding");
permissions.CanRefreshFunding.Should().BeTrue("CanRefreshFunding");
}
public async Task <IActionResult> GetEffectivePermissions(string specificationId)
{
Guard.IsNullOrWhiteSpace(specificationId, nameof(specificationId));
Common.ApiClient.Users.Models.EffectiveSpecificationPermission effectivePermissions = await _authorizationHelper.GetEffectivePermissionsForUser(User, specificationId);
return(Ok(effectivePermissions));
}
