/// <summary>
/// Happy path for <c>UserQueryHandler.GetAccounts</c>: when the authorization
/// service grants <c>AccessType.Read</c> for the requested user, the handler
/// returns exactly what the repository produced.
/// </summary>
/// <remarks>
/// Both mocks are closed with <c>VerifyNoOtherCalls</c>, so the test also pins
/// that the handler makes one kind of authorization call and one kind of
/// repository call and nothing else.
/// </remarks>
public async Task GetAccounts_ShouldSucceed()
{
    // Arrange: a caller identity plus three account rows tied to one user.
    var faker = new Bogus.Faker();
    var identity = faker.Random.Identity();

    var accountUserFaker = new Common.Fakers.AccountUserFaker();
    var master = accountUserFaker.Generate();

    // Rows generated after this point share master's UserId.
    // NOTE(review): UserDescription is seeded from master.AccountDescription;
    // confirm this is intended rather than master.UserDescription.
    var expectedAccounts = accountUserFaker
        .RuleFor(au => au.UserId, master.UserId)
        .RuleFor(au => au.UserDescription, master.AccountDescription)
        .Generate(3);

    var authorization = new Mock<IAuthorizationService>();
    authorization
        .Setup(a => a.CheckAuthorizedUser(identity, master.UserId, AccessType.Read))
        .ReturnsAsync(true);

    var users = new Mock<IUserRepository>();
    users
        .Setup(ur => ur.GetAccounts(master.UserId))
        .ReturnsAsync(expectedAccounts);

    var handler = new UserQueryHandler(authorization.Object, users.Object);

    // Act
    var actualAccounts = await handler.GetAccounts(identity, master.UserId);

    // Assert: payload is passed through unchanged...
    expectedAccounts.ShouldDeepEqual(actualAccounts);

    // ...the read-access check was made for this identity and user...
    authorization.Verify(a => a.CheckAuthorizedUser(identity, master.UserId, AccessType.Read));
    authorization.VerifyNoOtherCalls();

    // ...and the repository was queried only for that user's accounts.
    users.Verify(ur => ur.GetAccounts(master.UserId));
    users.VerifyNoOtherCalls();
}
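/// <summary>
/// Denied path for <c>UserQueryHandler.GetAccounts</c>: when the authorization
/// service refuses <c>AccessType.Read</c>, the handler must throw
/// <see cref="UnauthorizedAccessException"/> and must not touch the repository.
/// </summary>
/// <remarks>
/// The authorization mock is verified as well, matching the success-path test.
/// Without that, the test would still pass if the handler threw
/// <see cref="UnauthorizedAccessException"/> without ever consulting the
/// authorization service.
/// </remarks>
public async Task GetAccounts_WithoutAccess_ShouldFail()
{
    // Arrange
    Bogus.Faker faker = new Bogus.Faker();
    var identity = faker.Random.Identity();

    var accountUserFaker = new Common.Fakers.AccountUserFaker();
    var master = accountUserFaker.Generate();
    var newAccountUserFaker = accountUserFaker
        .RuleFor(au => au.UserId, master.UserId)
        .RuleFor(au => au.UserDescription, master.AccountDescription);
    var originalAccountUserList = newAccountUserFaker.Generate(3);

    var mockAuthorizationService = new Mock<IAuthorizationService>();
    mockAuthorizationService
        .Setup(a => a.CheckAuthorizedUser(identity, master.UserId, AccessType.Read))
        .ReturnsAsync(false);

    // The repository is deliberately primed with data: a handler that skipped
    // or ignored the authorization result would be able to read it, and the
    // VerifyNoOtherCalls below would then fail.
    var mockUserRepository = new Mock<IUserRepository>();
    mockUserRepository
        .Setup(ur => ur.GetAccounts(master.UserId))
        .ReturnsAsync(originalAccountUserList);

    var userQueryHandler = new UserQueryHandler(mockAuthorizationService.Object, mockUserRepository.Object);

    // Act + Assert: the denial surfaces as UnauthorizedAccessException.
    await Assert.ThrowsAsync<UnauthorizedAccessException>(
        async () => await userQueryHandler.GetAccounts(identity, master.UserId));

    // The refusal came from the read-access check for this identity and user.
    mockAuthorizationService.Verify(a => a.CheckAuthorizedUser(identity, master.UserId, AccessType.Read));
    mockAuthorizationService.VerifyNoOtherCalls();

    // No repository call was verified above, so this asserts zero repository access.
    mockUserRepository.VerifyNoOtherCalls();
}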
/// <summary>
/// Shared body for exercising <c>AuthorizationService.CheckAuthorizedAccount</c>
/// with a given combination of "account holds this identity" and "caller has
/// admin scope". Read access is expected exactly when either flag is true.
/// </summary>
/// <param name="hasIdentity">Value the mocked <c>IAccountRepository.CheckIdentity</c> returns.</param>
/// <param name="admin">Value the mocked <c>IUserRepository.CheckAdminScope</c> returns.</param>
/// <remarks>
/// The admin-scope lookup is only required when the identity check fails. When
/// <paramref name="hasIdentity"/> is true, the closing <c>VerifyNoOtherCalls</c>
/// on the user repository asserts that admin scope was not consulted at all.
/// </remarks>
private async Task CheckAuthorizedAccount(bool hasIdentity, bool admin)
{
    // Arrange
    var faker = new Bogus.Faker();
    var identity = faker.Random.Identity();
    var master = new Common.Fakers.AccountUserFaker().Generate();

    var users = new Mock<IUserRepository>();
    users
        .Setup(ur => ur.CheckAdminScope(identity, AccessType.Read))
        .ReturnsAsync(admin);

    var accounts = new Mock<IAccountRepository>();
    accounts
        .Setup(ar => ar.CheckIdentity(master.AccountId, identity))
        .ReturnsAsync(hasIdentity);

    var service = new AuthorizationService(users.Object, accounts.Object);

    // Act
    var granted = await service.CheckAuthorizedAccount(identity, master.AccountId, AccessType.Read);

    // Assert: either ownership of the account or admin scope is sufficient.
    var expected = hasIdentity || admin;
    Assert.Equal(expected, granted);

    // The identity check against the account is always made.
    accounts.Verify(ar => ar.CheckIdentity(master.AccountId, identity));
    accounts.VerifyNoOtherCalls();

    // Admin scope is the fallback, required only when the identity check fails.
    if (!hasIdentity)
    {
        users.Verify(ur => ur.CheckAdminScope(identity, AccessType.Read));
    }

    users.VerifyNoOtherCalls();
}