public void CheckPermission_should_not_throw_exception_if_content_is_from_current_user() { var content = CreateContent(status: Status.Published); var command = CreateCommand(new DeleteContent()); GuardContent.CheckPermission(content, command, Permissions.AppContentsDelete); }
public void CheckPermission_should_exception_if_content_is_from_another_user_and_user_has_no_permission() { var content = CreateContent(Status.Published); var commandActor = RefToken.User("456"); var command = CreateCommand(new DeleteContent { Actor = commandActor }); Assert.Throws <DomainForbiddenException>(() => GuardContent.CheckPermission(content, command, Permissions.AppContentsDelete)); }
public void CheckPermission_should_not_throw_exception_if_user_is_null() { var content = CreateContent(Status.Published); var commandActor = RefToken.User("456"); var command = CreateCommand(new DeleteContent { Actor = commandActor }); command.User = null; GuardContent.CheckPermission(content, command, Permissions.AppContentsDelete); }
public void CheckPermission_should_not_throw_exception_if_content_is_from_another_user_but_user_has_permission() { var content = CreateContent(Status.Published); var permission = Permissions.ForApp(Permissions.AppContentsDelete, appId.Name, schemaId.Name).Id; var commandUser = Mocks.FrontendUser(permission: permission); var commandActor = RefToken.User("456"); var command = CreateCommand(new DeleteContent { Actor = commandActor, User = commandUser }); GuardContent.CheckPermission(content, command, Permissions.AppContentsDelete); }