public void ShouldCanViewOwnQuery() { const long userId = 123; const int queryId = 5235; const long projectId = 234; var query = new Queries { CreatedById = userId, Id = queryId, ProjectId = projectId, Privacy = (int)QueryPrivacyType.Private }; _userAuthorityValidator.Setup(_ => _.HasUserAuthorities( userId, new[] { Authorities.UI.Queries.ViewQuery }, projectId)) .Returns(true); var result = _target.IsCanView(query, userId); result.Should().BeTrue(); }
public QueryInfo Get(long queryId) { var query = _queryRepository.GetById(queryId); if (query == null) { throw new QueryDoesNotExistsException(queryId); } if (!_queryAccessValidator.IsCanView(query, _userPrincipal.Info.Id)) { throw new UnauthorizedAccessException(); } return(ProcessQuery(query)); }