/// <summary>
/// Checks that <c>CrudApiFilterAttribute.OnAuthorizationAsync</c> leaves the
/// filter context's <c>Result</c> unset when the request principal is not
/// authenticated.
/// </summary>
/// <remarks>
/// An MVC authorization filter short-circuits a request only by assigning
/// <c>Result</c>; a null <c>Result</c> lets the pipeline continue.
/// NOTE(review): this test therefore pins "the filter does not reject an
/// anonymous caller by itself". Rejection is presumably left to the
/// authentication middleware or an authorization policy on the endpoint;
/// confirm that this is covered elsewhere.
/// </remarks>
public async Task WhenUserIsNotAuthenticatedThenResultShouldntBeSet()
{
    var filter = new CrudApiFilterAttribute("R1", ResourceAccessRight.Create);

    // A GenericIdentity with an empty name reports IsAuthenticated == false,
    // so this principal models an anonymous caller carrying no claims.
    var anonymousIdentity = new GenericIdentity("", "BB");
    var httpContext = new DefaultHttpContext
    {
        User = new ClaimsPrincipal(anonymousIdentity)
    };

    var actionContext = new ActionContext(httpContext, new RouteData(), new ActionDescriptor());
    var authorizationContext = new AuthorizationFilterContext(actionContext, new List<IFilterMetadata>());

    await filter.OnAuthorizationAsync(authorizationContext).ConfigureAwait(false);

    authorizationContext.Result.ShouldBeNull();
}
/// <summary>
/// Checks that <c>CrudApiFilterAttribute.OnAuthorizationAsync</c> leaves
/// <c>Result</c> unset (the request passes) when the caller holds a claim
/// for the concrete sub-resource with the required access right.
/// </summary>
/// <remarks>
/// The filter is declared with the template <c>Locks@{lockId}</c> and the
/// right <c>Update</c>. The route supplies <c>lockId = 123AdS</c>, and the
/// identity carries a claim of type <c>Locks@123AdS</c> whose value is the
/// integer form of <c>Update | Read</c>.
/// NOTE(review): presumably the filter substitutes route values into the
/// template and tests the required right as a bit in the claim value; the
/// filter's code is not visible here, so confirm. A companion test with a
/// different lock id, or with a claim lacking <c>Update</c>, is what would
/// show the filter denies access; verify that one exists.
/// </remarks>
public async Task WhenUserHasAccessToSubResourceThenFilterShouldPass()
{
    var filter = new CrudApiFilterAttribute("Locks@{lockId}", ResourceAccessRight.Update);

    // The granted rights are a superset of the right the filter demands.
    var grantedRights = ResourceAccessRight.Update | ResourceAccessRight.Read;
    var grantedRightsValue = ((int)grantedRights).ToString();

    var identity = new GenericIdentity("User_1", "Normal");
    identity.AddClaim(new Claim("Locks@123AdS", grantedRightsValue));

    // "userId" has no placeholder in the filter's template; it is an extra
    // route value alongside the "lockId" one the template names.
    var routePairs = new[]
    {
        new KeyValuePair<string, object>("lockId", "123AdS"),
        new KeyValuePair<string, object>("userId", "14")
    };
    var routeData = new RouteData(RouteValueDictionary.FromArray(routePairs));

    var httpContext = new DefaultHttpContext
    {
        User = new ClaimsPrincipal(identity)
    };
    var actionContext = new ActionContext(httpContext, routeData, new ActionDescriptor());
    var authorizationContext = new AuthorizationFilterContext(actionContext, new List<IFilterMetadata>());

    await filter.OnAuthorizationAsync(authorizationContext).ConfigureAwait(false);

    authorizationContext.Result.ShouldBeNull();
}