public void When_Request_Has_Verb_And_Permissions_DoesNot()
{
AddRoute();
var permissions =
new AuthRoutePermissions(
new Dictionary <string, AuthPermissions>
{
{ "template", new AuthPermissions {
Accepted = new List <string> {
"write", "write2"
}
} }
}, request =>
{
_authResolverCalled = true;
return(new List <string> {
"write"
});
});
var actual = permissions.IsAllowed(_postRequest);
Assert.True(actual);
var getActual = permissions.IsAllowed(_request);
Assert.True(getActual);
}
public void When_RouteTemplate_NotFound_Not_Allowed()
{
AddRoute();
var permissions = new AuthRoutePermissions(new Dictionary <string, AuthPermissions>(),
request =>
{
_authResolverCalled = true;
return(new List <string>());
});
var actual = permissions.IsAllowed(_request);
Assert.False(actual);
Assert.False(_authResolverCalled);
}
public void When_No_Route_Found_ShouldAllowUndefined_Called()
{
bool expected = true;
var permissions = new AuthRoutePermissions(new Dictionary <string, AuthPermissions> {
{ "template", new AuthPermissions() }
},
request =>
{
_authResolverCalled = true;
return(new List <string>());
}, r =>
{
_shouldAllowUndefinedCalled = true;
return(expected);
});
var actual = permissions.IsAllowed(_request);
Assert.Equal(expected, actual);
Assert.True(_shouldAllowUndefinedCalled);
}
public void When_Auth_Not_Required_And_Permissions_NotAllowed()
{
AddRoute();
var permissions =
new AuthRoutePermissions(
new Dictionary <string, AuthPermissions>
{
{ "template", new AuthPermissions {
Accepted = new List <string> {
"read"
}, AuthNotRequired = true
} }
}, request =>
{
_authResolverCalled = true;
return(new List <string>());
});
var actual = permissions.IsAllowed(_request);
Assert.False(actual);
}
public void When_RouteTemplate_Found_AuthResolver_Called()
{
AddRoute();
var permissions =
new AuthRoutePermissions(
new Dictionary <string, AuthPermissions>
{
{ "template", new AuthPermissions {
Accepted = new List <string> {
"write "
}
} }
}, request =>
{
_authResolverCalled = true;
return(new List <string>());
});
var actual = permissions.IsAllowed(_request);
Assert.False(actual);
Assert.True(_authResolverCalled);
}
