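/// <summary>
/// Runs the filter against a context whose user is mocked as a Tier2User for whom
/// every claim check succeeds, and expects a redirect to the Error controller's
/// plain <c>accessdenied</c> action (no account id segment).
/// </summary>
/// <remarks>
/// This method adds no hashed account id to <c>RouteData</c> itself; whether the
/// shared fixture leaves it empty is not visible here.
/// </remarks>
public void OnException_WhenAnUnauthorizedAccessExceptionIsThrownForTier2UserAndNoHashedAccountIdIsSet_ButClaimValueIsSet_ThenReturnToAccessDenied()
{
    // Arrange
    ExceptionContext.Exception = Exception;
    mockContext.Setup(x => x.Request.RequestContext.RouteData).Returns(RouteData);
    ExceptionContext.HttpContext = mockContext.Object;

    var identityMock = new Mock<ClaimsIdentity>();
    var principalMock = new Mock<ClaimsPrincipal>();
    principalMock.Setup(m => m.IsInRole(Tier2User)).Returns(true);

    // NOTE(review): this stub answers true for ANY claim type/value pair, so the test
    // cannot detect a filter that consults the wrong claim. Narrowing it to the claim
    // the filter actually reads would make this authorization test stricter; the
    // filter source is not visible here, so the matcher is left as written.
    principalMock.Setup(m => m.HasClaim(It.IsAny<string>(), It.IsAny<string>())).Returns(true);
    principalMock.Setup(m => m.Identity).Returns(identityMock.Object);
    mockContext.Setup(ctx => ctx.User).Returns(principalMock.Object);

    _mockAuthenticationService
        .Setup(m => m.HasClaim(ClaimsIdentity.DefaultRoleClaimType, Tier2User))
        .Returns(true);

    // Act
    UnauthorizedAccessExceptionFilter.OnException(ExceptionContext);

    // Assert
    var redirectToRouteResult = ExceptionContext.Result as RedirectToRouteResult;
    Assert.That(redirectToRouteResult, Is.Not.Null);
    Assert.That(redirectToRouteResult.RouteValues["controller"], Is.EqualTo("Error"));

    // Plain literal: the original used an interpolated string with no placeholders.
    Assert.That(redirectToRouteResult.RouteValues["action"], Is.EqualTo("accessdenied"));
}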
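/// <summary>
/// Verifies that the filter marks the exception as handled after processing it.
/// </summary>
/// <remarks>
/// No role or claim is configured in this method; any Tier2User state implied by
/// the test name must come from fixture setup that is not visible here.
/// </remarks>
public void OnException_WhenAnUnauthorizedAccessExceptionIsThrownForTier2User_ThenExceptionShouldBeHandled()
{
    // Arrange
    ExceptionContext.Exception = Exception;
    mockContext.Setup(x => x.Request.RequestContext.RouteData).Returns(RouteData);
    ExceptionContext.HttpContext = mockContext.Object;

    // Act
    UnauthorizedAccessExceptionFilter.OnException(ExceptionContext);

    // Assert
    // Constraint-model assertion, matching the Assert.That style of the sibling tests.
    Assert.That(ExceptionContext.ExceptionHandled, Is.True);
}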
/// <summary>
/// With a hashed account id placed in the route data and the mocked authentication
/// service reporting the supplied role claim as held, expects the filter to redirect
/// to the Error controller with the account id appended to the accessdenied action.
/// </summary>
/// <param name="role">
/// Role claim value the mocked authentication service reports as present. The
/// attributes supplying its values are not visible in this listing.
/// </param>
public void OnException_WhenAnUnauthorizedAccessExceptionIsThrownForTier2User_ThenReturnToAccessDenied(string role)
{
    // Arrange
    ExceptionContext.Exception = Exception;

    // Add (not the indexer) is used, so this presumably relies on RouteData not
    // already holding the account id key when the test starts; confirm against the fixture setup.
    RouteData.Values.Add(RouteValueKeys.AccountHashedId, HashedAccountId);
    mockContext.Setup(x => x.Request.RequestContext.RouteData).Returns(RouteData);
    ExceptionContext.HttpContext = mockContext.Object;

    _mockAuthenticationService
        .Setup(m => m.HasClaim(ClaimsIdentity.DefaultRoleClaimType, role))
        .Returns(true);

    // Act
    UnauthorizedAccessExceptionFilter.OnException(ExceptionContext);

    // Assert
    var redirect = ExceptionContext.Result as RedirectToRouteResult;
    Assert.That(redirect, Is.Not.Null);

    var routeValues = redirect.RouteValues;
    Assert.That(routeValues["controller"], Is.EqualTo("Error"));

    // The redirect target is expected to carry the same account id that was put into the route data.
    Assert.That(routeValues["action"], Is.EqualTo($"accessdenied/{HashedAccountId}"));
}