public static async Task OnAuthorizationAsync_UserHasSamePrimaryOrganisationId_ReturnsExpectedValue( [Frozen] ApplicationDbContext dbContext, [Frozen] CallOffId callOffId, Order order, OrderLookupOrganisationAuthorizationFilter filter) { dbContext.Order.Add(order); await dbContext.SaveChangesAsync(); const string parameterName = OrderLookupOrganisationAuthorizationFilter.DefaultParameterName; var user = ClaimsPrincipalBuilder.Create() .WithClaim(ApplicationClaimTypes.Ordering) .WithClaim(UserClaimTypes.PrimaryOrganisationId, order.OrderingParty.Id.ToString()) .Build(); var actionDescriptor = new ActionDescriptor { EndpointMetadata = new object[] { new AuthorizeOrganisationAttribute() }, Parameters = new[] { new ParameterDescriptor { Name = parameterName } }, }; var context = AuthorizationFilterContextBuilder.Create() .WithActionDescription(actionDescriptor) .WithRouteValue(parameterName, callOffId.ToString()) .WithUser(user) .Build(); await filter.OnAuthorizationAsync(context); context.Result.Should().BeNull(); }
public static async Task OnAuthorizationAsync_InvalidCallOffId_ReturnsExpectedValue( OrderLookupOrganisationAuthorizationFilter filter) { const string parameterName = OrderLookupOrganisationAuthorizationFilter.DefaultParameterName; var user = ClaimsPrincipalBuilder.Create() .WithClaim(ApplicationClaimTypes.Ordering) .WithClaim(UserClaimTypes.PrimaryOrganisationId) .Build(); var actionDescriptor = new ActionDescriptor { EndpointMetadata = new object[] { new AuthorizeOrganisationAttribute() }, Parameters = new[] { new ParameterDescriptor { Name = parameterName } }, }; var context = AuthorizationFilterContextBuilder.Create() .WithActionDescription(actionDescriptor) .WithRouteValue(parameterName, "InvalidOrderId") .WithUser(user) .Build(); await filter.OnAuthorizationAsync(context); context.Result.Should().NotBeNull(); context.Result.Should().BeOfType <NotFoundResult>(); }