public void Action_has_no_attribute_but_Controller_has_Authorize_attribute_with_Policy()
{
//arrange
var controllerInfo = new ControllerInfo(typeof(FakeControllers.Controller_with_Policy_RequireAdmin));
var actionName = nameof(FakeControllers.Controller_with_Policy_RequireAdmin.Action_with_no_attribute);
var actionWithAuthorizePolicyFromController = controllerInfo.ActionFirstOrDefault(actionName);
//act
var isValid = ValidationRule_HasRequiredAttribute(actionWithAuthorizePolicyFromController, _requiredAuthorizePolicyAttribute);
//assert
isValid.Should().BeTrue();
}
public void Action_has_Authorize_attribute_missing_policy()
{
//arrange
var controllerInfo = new ControllerInfo(typeof(FakeControllers.Controller_with_no_attribute));
var actionName = nameof(FakeControllers.Controller_with_no_attribute.Action_with_Authorize_attribute);
var actionWithAuthorize = controllerInfo.ActionFirstOrDefault(actionName);
//act
var isValid = ValidationRule_HasRequiredAttribute(actionWithAuthorize, _requiredAuthorizePolicyAttribute);
//assert
isValid.Should().BeFalse();
}
public void Action_has_no_attribute_and_Controller_has_AllowAnonymous()
{
//arrange
var controllerInfo = new ControllerInfo(typeof(FakeControllers.Controller_with_AllowAnonymous));
var actionName = nameof(FakeControllers.Controller_with_AllowAnonymous.Action_with_no_attribute);
var actionWithAnonymousFromController = controllerInfo.ActionFirstOrDefault(actionName);
//act
var isValid = ValidationRule_HasRequiredAttribute(actionWithAnonymousFromController, _requiredAuthorizeAttribute);
//assert
isValid.Should().BeFalse();
}
public void Action_has_AllowAnonymous_attribute()
{
//arrange
var controllerInfo = new ControllerInfo(typeof(FakeControllers.Controller_with_no_attribute));
var actionName = nameof(FakeControllers.Controller_with_no_attribute.Action_with_AllowAnonymous_attribute);
var actionWithAllowAnonymous = controllerInfo.ActionFirstOrDefault(actionName);
//act
var isValid = ValidationRule_HasRequiredAttribute(actionWithAllowAnonymous, _requiredAnonymousAttribute);
//assert
isValid.Should().BeTrue();
}
public void Action_has_no_attribute_and_Controller_has_Authorize_attribute_with_Wrong_policy()
{
//arrange
var controllerInfo = new ControllerInfo(typeof(FakeControllers.Controller_with_Policy_RequireAdmin));
var actionName = nameof(FakeControllers.Controller_with_Policy_RequireAdmin.Action_with_no_attribute);
var actionWithAuthorizeFromController = controllerInfo.ActionFirstOrDefault(actionName);
var requiredAuthorizePolicy = new AuthorizeAttribute(PolicyNames.RequireAuthorizedUser);
//act
var isValid = ValidationRule_HasRequiredAttribute(actionWithAuthorizeFromController, requiredAuthorizePolicy);
//assert
isValid.Should().BeFalse();
}
public void ControllerName_uses_Fully_qualified_name()
{
//arrange
var controllerInfo = new ControllerInfo(typeof(FakeControllers.Controller_with_no_attribute));
var actionName = nameof(FakeControllers.Controller_with_no_attribute.Action_with_no_attribute);
var action = controllerInfo.ActionFirstOrDefault(actionName);
//act
var rule = new ValidationRuleActionInternal(action, new AuthorizeAttribute());
//assert
var expectedFullName = controllerInfo.Controller.FullName;
rule.ControllerName.Equals(expectedFullName).Should().BeTrue(" multiple controllers in assembly using the same name is supported; hence controller.FullName must be used");
}
public void Action_has_Authorize_attribute_missing_policy_and_Controller_has_Authorize_attribute_with_policy()
{
//arrange
var controllerInfo = new ControllerInfo(typeof(FakeControllers.Controller_with_Policy_RequireAdmin));
var actionName = nameof(FakeControllers.Controller_with_Policy_RequireAdmin.Action_with_Authorize_attribute);
var actionWithAuthorizeFromController = controllerInfo.ActionFirstOrDefault(actionName);
var requiredAuthorizePolicyAttribute = new AuthorizeAttribute(PolicyNames.RequireAuthorizedAdmin);
//act
var isValid = ValidationRule_HasRequiredAttribute(actionWithAuthorizeFromController, requiredAuthorizePolicyAttribute);
//assert
isValid.Should().BeFalse(" - the attribute on the action has precedence over the controller attribute");
}
public void CustomAuthorizeAttributesFromController_returns_attribute_from_controller()
{
//arrange
var controllerInfo = new ControllerInfo(typeof(FakeControllers.Controller_with_Policy_RequireAdmin));
var actionName = nameof(FakeControllers.Controller_with_Policy_RequireAdmin.Action_with_Authorize_attribute);
var action = controllerInfo.ActionFirstOrDefault(actionName);
var expectedAttribute = new AuthorizeAttribute(PolicyNames.RequireAuthorizedAdmin);
//act
var rule = new ValidationRuleActionInternal(action, new AuthorizeAttribute());
//assert
var actualAttribute = rule.CustomAuthorizeAttributesFromController().First();
actualAttribute.Should().BeEquivalentTo(expectedAttribute);
}
/// <summary>
/// Returns First method found by name
/// </summary>
/// <param name="actionName"></param>
/// <returns></returns>
private static MethodInfo GetMethodInfo(string actionName)
{
var controllerInfo = new ControllerInfo(typeof(TController));
return(controllerInfo.ActionFirstOrDefault(actionName));
}