public async Task CreateTestScenario_WhenUserDoesHaveCreateQaTestPermission_ThenActionAllowed() { // Arrange string specificationId = "abc123"; IAuthorizationHelper authorizationHelper = Substitute.For <IAuthorizationHelper>(); authorizationHelper .DoesUserHavePermission(Arg.Any <ClaimsPrincipal>(), Arg.Is(specificationId), Arg.Is(SpecificationActionTypes.CanCreateQaTests)) .Returns(true); IScenariosApiClient scenariosClient = CreateScenariosClient(); scenariosClient .CreateTestScenario(Arg.Any <CreateScenarioModel>()) .Returns(new ApiResponse <TestScenario>(HttpStatusCode.OK, new TestScenario())); ScenarioController controller = CreateScenarioController(authorizationHelper: authorizationHelper, scenariosClient: scenariosClient); // Act IActionResult result = await controller.CreateTestScenario(specificationId, new ScenarioCreateViewModel()); // Assert result.Should().BeOfType <OkObjectResult>(); }
public async Task CreateTestScenario_WhenUserDoesNotHaveCreateQaTestPermission_ThenReturn403() { // Arrange string specificationId = "abc123"; IAuthorizationHelper authorizationHelper = Substitute.For <IAuthorizationHelper>(); authorizationHelper .DoesUserHavePermission(Arg.Any <ClaimsPrincipal>(), Arg.Is(specificationId), Arg.Is(SpecificationActionTypes.CanCreateQaTests)) .Returns(false); ScenarioController controller = CreateScenarioController(authorizationHelper: authorizationHelper); // Act IActionResult result = await controller.CreateTestScenario(specificationId, new ScenarioCreateViewModel()); // Assert result.Should().BeOfType <ForbidResult>(); }