public async Task GetAccounts_ShouldSucceed()
        {
            // Happy path: the authorization service grants Read access for the caller's
            // identity, so the handler must return exactly what the repository supplied.

            // Arrange: a random caller identity and a template record whose user id is shared
            // by every generated account-user entry.
            var callerIdentity = new Bogus.Faker().Random.Identity();

            var templateFaker = new Common.Fakers.AccountUserFaker();
            var template      = templateFaker.Generate();
            var userId        = template.UserId;

            var expectedAccounts = templateFaker
                                   .RuleFor(au => au.UserId, userId)
                                   .RuleFor(au => au.UserDescription, template.AccountDescription)
                                   .Generate(3);

            var authorizationMock = new Mock <IAuthorizationService>();
            var repositoryMock    = new Mock <IUserRepository>();

            // Access is granted only for this exact (identity, user id, Read) triple.
            authorizationMock.Setup(a => a.CheckAuthorizedUser(callerIdentity, userId, AccessType.Read)).ReturnsAsync(true);
            repositoryMock.Setup(ur => ur.GetAccounts(userId)).ReturnsAsync(expectedAccounts);

            // Act
            var handler        = new UserQueryHandler(authorizationMock.Object, repositoryMock.Object);
            var actualAccounts = await handler.GetAccounts(callerIdentity, userId);

            // Assert: the repository result is passed through unchanged.
            expectedAccounts.ShouldDeepEqual(actualAccounts);

            // The authorization check ran with the expected arguments, and nothing else was
            // asked of the authorization service.
            authorizationMock.Verify(a => a.CheckAuthorizedUser(callerIdentity, userId, AccessType.Read));
            authorizationMock.VerifyNoOtherCalls();

            // The repository was queried for this user only.
            repositoryMock.Verify(ur => ur.GetAccounts(userId));
            repositoryMock.VerifyNoOtherCalls();
        }
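        /// <summary>
        /// Denied path: when the authorization service refuses Read access, the handler must
        /// throw <see cref="UnauthorizedAccessException"/> and must not touch the repository.
        /// </summary>
        public async Task GetAccounts_WithoutAccess_ShouldFail()
        {
            // Arrange
            Bogus.Faker faker    = new Bogus.Faker();
            var         identity = faker.Random.Identity();

            var accountUserFaker    = new Common.Fakers.AccountUserFaker();
            var master              = accountUserFaker.Generate();
            var newAccountUserFaker = accountUserFaker
                                      .RuleFor(au => au.UserId, master.UserId)
                                      .RuleFor(au => au.UserDescription, master.AccountDescription);

            var originalAccountUserList = newAccountUserFaker.Generate(3);

            var mockAuthorizationService = new Mock <IAuthorizationService>();

            mockAuthorizationService.Setup(a => a.CheckAuthorizedUser(identity, master.UserId, AccessType.Read)).ReturnsAsync(false);

            var mockUserRepository = new Mock <IUserRepository>();

            // The repository is primed with data on purpose: if the handler ever reached it
            // despite the denial, the call would be caught by VerifyNoOtherCalls below.
            mockUserRepository.Setup(ur => ur.GetAccounts(master.UserId)).ReturnsAsync(originalAccountUserList);

            var userQueryHandler = new UserQueryHandler(mockAuthorizationService.Object, mockUserRepository.Object);

            // Act + Assert: the denial surfaces as UnauthorizedAccessException.
            await Assert.ThrowsAsync <UnauthorizedAccessException>(async() => await userQueryHandler.GetAccounts(identity, master.UserId));

            // Pin the denial to the expected authorization check. The mock is created with Moq's
            // default behaviour, so an unconfigured call (wrong user id or access type) would
            // presumably also come back as "not authorized" and the exception alone would not
            // tell the two cases apart.
            mockAuthorizationService.Verify(a => a.CheckAuthorizedUser(identity, master.UserId, AccessType.Read));
            mockAuthorizationService.VerifyNoOtherCalls();

            // No Verify precedes this, so it asserts that the repository was never called:
            // no account data is read for a caller who failed the check.
            mockUserRepository.VerifyNoOtherCalls();
        }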
        /// <summary>
        /// Shared scenario for the account authorization tests: runs
        /// AuthorizationService.CheckAuthorizedAccount with Read access against mocked
        /// repositories and checks both the outcome and which repository calls were made.
        /// </summary>
        /// <param name="hasIdentity">Value the mocked account repository returns from CheckIdentity.</param>
        /// <param name="admin">Value the mocked user repository returns from CheckAdminScope.</param>
        private async Task CheckAuthorizedAccount(bool hasIdentity, bool admin)
        {
            // Arrange: random caller identity and a generated account to check against.
            var callerIdentity = new Bogus.Faker().Random.Identity();
            var account        = new Common.Fakers.AccountUserFaker().Generate();
            var accountId      = account.AccountId;

            var userRepositoryMock    = new Mock <IUserRepository>();
            var accountRepositoryMock = new Mock <IAccountRepository>();

            userRepositoryMock.Setup(ur => ur.CheckAdminScope(callerIdentity, AccessType.Read)).ReturnsAsync(admin);
            accountRepositoryMock.Setup(ar => ar.CheckIdentity(accountId, callerIdentity)).ReturnsAsync(hasIdentity);

            // Act
            var service = new AuthorizationService(userRepositoryMock.Object, accountRepositoryMock.Object);
            var granted = await service.CheckAuthorizedAccount(callerIdentity, accountId, AccessType.Read);

            // Assert: access is expected when either the identity check or the admin check passes.
            var expected = hasIdentity || admin;
            Assert.Equal(expected, granted);

            // The admin-scope lookup is only expected when the identity check did not pass;
            // VerifyNoOtherCalls then fails the test if it was consulted in the other case.
            if (!hasIdentity)
            {
                userRepositoryMock.Verify(ur => ur.CheckAdminScope(callerIdentity, AccessType.Read));
            }
            userRepositoryMock.VerifyNoOtherCalls();

            // The identity check against the account is always expected, and nothing else.
            accountRepositoryMock.Verify(ar => ar.CheckIdentity(accountId, callerIdentity));
            accountRepositoryMock.VerifyNoOtherCalls();
        }