public void GetStateChangeLocksForUserWithoutStateChangeLocksReturnsEmptyList()
{
Mock.Arrange(() => CurrentUserDataProvider.GetIdentity(TENANT_ID))
.Returns(new Identity
{
Permissions = new List <String> {
STATE_CHANGE_LOCK_READ_PERMISSION
},
Username = CURRENT_USER_ID,
Tid = TENANT_ID
})
.MustBeCalled();
Mock.Arrange(() => CurrentUserDataProvider.GetEntitiesForUser(Arg.IsAny <DbSet <StateChangeLock> >(), CURRENT_USER_ID, TENANT_ID))
.ReturnsCollection(new List <StateChangeLock>())
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.StateChangeLocks)
.IgnoreInstance()
.ReturnsCollection(CreateSampleStateChangeLockDbSet())
.MustBeCalled();
var actionResult = _stateChangeLocksController.GetStateChangeLocks(
CreateODataQueryOptions("http://localhost/api/Core.svc/StateChangeLocks"))
.Result;
Assert.IsTrue(actionResult.GetType() == typeof(OkNegotiatedContentResult <IEnumerable <StateChangeLock> >));
var response = actionResult as OkNegotiatedContentResult <IEnumerable <StateChangeLock> >;
Assert.IsNotNull(response);
Assert.AreEqual(0, response.Content.Count());
Mock.Assert(() => CurrentUserDataProvider.GetIdentity(TENANT_ID));
Mock.Assert(() => CurrentUserDataProvider.GetEntitiesForUser(Arg.IsAny <DbSet <StateChangeLock> >(), CURRENT_USER_ID, TENANT_ID));
Mock.Assert(_lifeCycleContext);
}
public void GetCalloutDefinitionsForUserWithReadPermissionReturnsCalloutDefinitionsTheUserIsAuthorizedFor()
{
Mock.Arrange(() => CurrentUserDataProvider.GetIdentity(TENANT_ID))
.Returns(new Identity
{
Permissions = new List <String> {
CALLOUT_DEFINITION_READ_PERMISSION
},
Username = CURRENT_USER_ID,
Tid = TENANT_ID
})
.MustBeCalled();
Mock.Arrange(() => CurrentUserDataProvider.GetEntitiesForUser(Arg.IsAny <DbSet <CalloutDefinition> >(), CURRENT_USER_ID, TENANT_ID))
.ReturnsCollection(CreateSampleCalloutDefinitionDbSet().ToList())
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.CalloutDefinitions)
.IgnoreInstance()
.ReturnsCollection(CreateSampleCalloutDefinitionDbSet())
.MustBeCalled();
var actionResult = _calloutDefinitionsController.GetCalloutDefinitions(
CreateODataQueryOptions("http://localhost/api/Core.svc/CalloutDefinitions"))
.Result;
Assert.IsTrue(actionResult.GetType() == typeof(OkNegotiatedContentResult <IEnumerable <CalloutDefinition> >));
var response = actionResult as OkNegotiatedContentResult <IEnumerable <CalloutDefinition> >;
Assert.IsNotNull(response);
Assert.AreEqual(2, response.Content.Count());
Mock.Assert(() => CurrentUserDataProvider.GetIdentity(TENANT_ID));
Mock.Assert(() => CurrentUserDataProvider.GetEntitiesForUser(Arg.IsAny <DbSet <CalloutDefinition> >(), CURRENT_USER_ID, TENANT_ID));
Mock.Assert(_lifeCycleContext);
}
public async Task <IHttpActionResult> GetCalloutDefinitions(ODataQueryOptions <CalloutDefinition> queryOptions)
{
var declaringType = System.Reflection.MethodBase.GetCurrentMethod().DeclaringType;
var fn = String.Format("{0}:{1}",
declaringType.Namespace,
declaringType.Name);
try
{
queryOptions.Validate(_validationSettings);
}
catch (ODataException ex)
{
Debug.WriteLine(String.Format("{0}: {1}\r\n{2}", ex.Source, ex.Message, ex.StackTrace));
return(BadRequest(ex.Message));
}
try
{
Debug.WriteLine(fn);
var identity = CurrentUserDataProvider.GetIdentity(TenantId);
var permissionId = CreatePermissionId("CanRead");
if (!identity.Permissions.Contains(permissionId))
{
return(StatusCode(HttpStatusCode.Forbidden));
}
var calloutDefinitions = CurrentUserDataProvider.
GetEntitiesForUser(db.CalloutDefinitions, identity.Username, identity.Tid);
return(Ok <IEnumerable <CalloutDefinition> >(calloutDefinitions));
}
catch (Exception e)
{
Debug.WriteLine(String.Format("{0}: {1}\r\n{2}", e.Source, e.Message, e.StackTrace));
throw;
}
}