public void DeleteStateChangeLockForAuthorizedUserWithDeletePermissionDeletesStateChangeLock()
{
Mock.Arrange(() => CurrentUserDataProvider.GetIdentity(TENANT_ID))
.Returns(new Identity
{
Permissions = new List <String> {
STATE_CHANGE_LOCK_DELETE_PERMISSION
},
Username = CURRENT_USER_ID,
Tid = TENANT_ID
})
.MustBeCalled();
Mock.Arrange(() => CurrentUserDataProvider.IsEntityOfUser(CURRENT_USER_ID, TENANT_ID, Arg.IsAny <StateChangeLock>()))
.Returns(true)
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.StateChangeLocks.Find(1))
.IgnoreInstance()
.Returns(CreateSampleStateChangeLockDbSet()[0])
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.StateChangeLocks.Remove(Arg.IsAny <StateChangeLock>()))
.IgnoreInstance()
.MustBeCalled();
var actionResult = _stateChangeLocksController.Delete(1).Result;
AssertStatusCodeResult(actionResult, HttpStatusCode.NoContent);
Mock.Assert(() => CurrentUserDataProvider.GetIdentity(TENANT_ID));
Mock.Assert(() => CurrentUserDataProvider.IsEntityOfUser(CURRENT_USER_ID, TENANT_ID, Arg.IsAny <StateChangeLock>()));
Mock.Assert(_lifeCycleContext);
}
public void DeleteCalloutDefinitionForUnauthorizedUserReturnsForbidden()
{
Mock.Arrange(() => CurrentUserDataProvider.GetIdentity(TENANT_ID))
.Returns(new Identity
{
Permissions = new List <String> {
CALLOUT_DEFINITION_DELETE_PERMISSION
},
Username = CURRENT_USER_ID,
Tid = TENANT_ID
})
.MustBeCalled();
Mock.Arrange(() => CurrentUserDataProvider.IsEntityOfUser(CURRENT_USER_ID, TENANT_ID, Arg.IsAny <CalloutDefinition>()))
.Returns(false)
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.CalloutDefinitions.Find(1))
.IgnoreInstance()
.Returns(CreateSampleCalloutDefinitionDbSet()[0])
.MustBeCalled();
var actionResult = _calloutDefinitionsController.Delete(1).Result;
AssertStatusCodeResult(actionResult, HttpStatusCode.Forbidden);
Mock.Assert(() => CurrentUserDataProvider.GetIdentity(TENANT_ID));
Mock.Assert(() => CurrentUserDataProvider.IsEntityOfUser(CURRENT_USER_ID, TENANT_ID, Arg.IsAny <CalloutDefinition>()));
Mock.Assert(_lifeCycleContext);
}
public void RunForUnauthorizedUserReturnsForbidden()
{
Mock.Arrange(() => CurrentUserDataProvider.GetIdentity(TENANT_ID))
.Returns(new Identity
{
Permissions = new List <String> {
JOB_RUN_PERMISSION
},
Username = CURRENT_USER_ID,
Tid = TENANT_ID
})
.MustBeCalled();
Mock.Arrange(() => CurrentUserDataProvider.IsEntityOfUser(CURRENT_USER_ID, TENANT_ID, Arg.IsAny <Job>()))
.Returns(false)
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.Jobs.Find(1))
.IgnoreInstance()
.Returns(CreateSampleJobDbSet()[0])
.MustBeCalled();
var actionResult = _jobsController.Run(1, null).Result;
AssertStatusCodeResult(actionResult, HttpStatusCode.Forbidden);
Mock.Assert(() => CurrentUserDataProvider.GetIdentity(TENANT_ID));
Mock.Assert(() => CurrentUserDataProvider.IsEntityOfUser(CURRENT_USER_ID, TENANT_ID, Arg.IsAny <Job>()));
Mock.Assert(_lifeCycleContext);
}
public void IsEntityOfUserForMatchingTidAndCreatedByReturnsTrue()
{
Assert.IsTrue(CurrentUserDataProvider.IsEntityOfUser(USERNAME, TENANT_ID, new BaseEntity
{
CreatedBy = USERNAME,
Tid = TENANT_ID
}));
}
public void PatchCalloutDefinitionForAuthorizedUserWithUpdatePermissionUpdatesDeliveredFields()
{
Mock.Arrange(() => CurrentUserDataProvider.GetIdentity(TENANT_ID))
.Returns(new Identity
{
Permissions = new List <String> {
CALLOUT_DEFINITION_UPDATE_PERMISSION
},
Username = CURRENT_USER_ID,
Tid = TENANT_ID
})
.MustBeCalled();
Mock.Arrange(() => CurrentUserDataProvider.IsEntityOfUser(CURRENT_USER_ID, TENANT_ID, Arg.IsAny <CalloutDefinition>()))
.Returns(true)
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.CalloutDefinitions.Find(1))
.IgnoreInstance()
.Returns(CreateSampleCalloutDefinitionDbSet()[0])
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.CalloutDefinitions.Attach(Arg.IsAny <CalloutDefinition>()))
.IgnoreInstance()
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.Entry(Arg.IsAny <CalloutDefinition>()))
.IgnoreInstance()
.Returns(Mock.Create <DbEntityEntry <CalloutDefinition> >())
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.SaveChanges())
.IgnoreInstance()
.MustBeCalled();
var delta = new Delta <CalloutDefinition>(typeof(CalloutDefinition));
delta.TrySetPropertyValue("Id", "3");
delta.TrySetPropertyValue("CreatedBy", ANOTHER_USER_ID);
delta.TrySetPropertyValue("ModifiedBy", ANOTHER_USER_ID);
delta.TrySetPropertyValue("Tid", ANOTHER_TENANT_ID);
delta.TrySetPropertyValue("Parameters", "testparameters");
delta.TrySetPropertyValue("EntityType", SAMPLE_ENTITY_TYPE);
var actionResult = _calloutDefinitionsController.Patch(1, delta).Result;
Assert.IsTrue(actionResult.GetType() == typeof(OkNegotiatedContentResult <CalloutDefinition>));
var response = actionResult as OkNegotiatedContentResult <CalloutDefinition>;
var calloutDefinition = response.Content;
Assert.AreEqual(1, calloutDefinition.Id);
Assert.AreEqual(DateTimeOffset.Now.Date, calloutDefinition.Modified.Date);
Assert.AreEqual(CURRENT_USER_ID, calloutDefinition.CreatedBy);
Assert.AreEqual(CURRENT_USER_ID, calloutDefinition.ModifiedBy);
Assert.AreEqual(TENANT_ID, calloutDefinition.Tid);
Assert.AreEqual("testparameters", calloutDefinition.Parameters);
Assert.AreEqual(SAMPLE_ENTITY_TYPE, calloutDefinition.EntityType);
Mock.Assert(() => CurrentUserDataProvider.GetIdentity(TENANT_ID));
Mock.Assert(() => CurrentUserDataProvider.IsEntityOfUser(CURRENT_USER_ID, TENANT_ID, Arg.IsAny <CalloutDefinition>()));
Mock.Assert(_lifeCycleContext);
}
public void PutCalloutDefinitionForAuthorizedUserSetsUpdatedDate()
{
Mock.Arrange(() => CurrentUserDataProvider.GetIdentity(TENANT_ID))
.Returns(new Identity
{
Permissions = new List <String> {
CALLOUT_DEFINITION_UPDATE_PERMISSION
},
Username = CURRENT_USER_ID,
Tid = TENANT_ID
})
.MustBeCalled();
Mock.Arrange(() => CurrentUserDataProvider.IsEntityOfUser(CURRENT_USER_ID, TENANT_ID, Arg.IsAny <CalloutDefinition>()))
.Returns(true)
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.CalloutDefinitions.Find(1))
.IgnoreInstance()
.Returns(CreateSampleCalloutDefinitionDbSet()[0])
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.CalloutDefinitions.Attach(Arg.IsAny <CalloutDefinition>()))
.IgnoreInstance()
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.Entry(Arg.IsAny <CalloutDefinition>()))
.IgnoreInstance()
.Returns(Mock.Create <DbEntityEntry <CalloutDefinition> >())
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.SaveChanges())
.IgnoreInstance()
.MustBeCalled();
var actionResult = _calloutDefinitionsController.Put(1,
new CalloutDefinition
{
Id = 1,
EntityType = SAMPLE_ENTITY_TYPE,
EntityId = ENTITY_ID_1,
TenantId = TENANT_ID,
Parameters = "testparameters",
}).Result;
Assert.IsTrue(actionResult.GetType() == typeof(OkNegotiatedContentResult <CalloutDefinition>));
var response = actionResult as OkNegotiatedContentResult <CalloutDefinition>;
var calloutDefinition = response.Content;
Assert.AreEqual(1, calloutDefinition.Id);
Assert.AreEqual(CURRENT_USER_ID, calloutDefinition.CreatedBy);
Assert.AreEqual(DateTimeOffset.Now.Date, calloutDefinition.Modified.Date);
Assert.AreEqual(CURRENT_USER_ID, calloutDefinition.ModifiedBy);
Assert.AreEqual(SAMPLE_ENTITY_TYPE, calloutDefinition.EntityType);
Assert.AreEqual(ENTITY_ID_1, calloutDefinition.EntityId);
Assert.AreEqual(TENANT_ID, calloutDefinition.TenantId);
Mock.Assert(() => CurrentUserDataProvider.GetIdentity(TENANT_ID));
Mock.Assert(() => CurrentUserDataProvider.IsEntityOfUser(CURRENT_USER_ID, TENANT_ID, Arg.IsAny <CalloutDefinition>()));
Mock.Assert(_lifeCycleContext);
}
public async Task <IHttpActionResult> Patch([FromODataUri] int key, Delta <Job> delta)
{
var declaringType = System.Reflection.MethodBase.GetCurrentMethod().DeclaringType;
var fn = String.Format("{0}:{1}",
declaringType.Namespace,
declaringType.Name);
if (!ModelState.IsValid)
{
Debug.WriteLine("Job to be created has invalid ModelState.");
return(BadRequest(ModelState));
}
try
{
Debug.WriteLine(fn);
var identity = CurrentUserDataProvider.GetIdentity(TenantId);
var permissionId = CreatePermissionId("CanUpdate");
if (!identity.Permissions.Contains(permissionId))
{
return(StatusCode(HttpStatusCode.Forbidden));
}
var job = db.Jobs.Find(key);
if (null == job)
{
return(StatusCode(HttpStatusCode.NotFound));
}
if (!CurrentUserDataProvider.IsEntityOfUser(identity.Username, identity.Tid, job))
{
return(StatusCode(HttpStatusCode.Forbidden));
}
Debug.WriteLine("Patching Job with id '{0}'", key);
var id = job.Id;
var created = job.Created;
var createdBy = job.CreatedBy;
var tId = job.Tid;
delta.Patch(job);
job.Id = id;
job.Created = created;
job.CreatedBy = createdBy;
job.Modified = DateTimeOffset.Now;
job.ModifiedBy = identity.Username;
job.Tid = tId;
db.Jobs.Attach(job);
db.Entry(job).State = EntityState.Modified;
db.SaveChanges();
Debug.WriteLine("Job with id '{0}' patched", key);
return(Ok <Job>(job));
}
catch (Exception e)
{
Debug.WriteLine(String.Format("{0}: {1}\r\n{2}", e.Source, e.Message, e.StackTrace));
throw;
}
}
// PUT: api/Core.svc/CalloutDefinitions(5)
public async Task <IHttpActionResult> Put([FromODataUri] int key, CalloutDefinition calloutDefinition)
{
var declaringType = System.Reflection.MethodBase.GetCurrentMethod().DeclaringType;
var fn = String.Format("{0}:{1}",
declaringType.Namespace,
declaringType.Name);
if (!ModelState.IsValid)
{
Debug.WriteLine("CalloutDefinition to be updated with id '{0}' has invalid ModelState.", key);
return(BadRequest(ModelState));
}
if (key != calloutDefinition.Id)
{
return(BadRequest());
}
try
{
Debug.WriteLine(fn);
var identity = CurrentUserDataProvider.GetIdentity(TenantId);
var permissionId = CreatePermissionId("CanUpdate");
if (!identity.Permissions.Contains(permissionId))
{
return(StatusCode(HttpStatusCode.Forbidden));
}
var original = db.CalloutDefinitions.Find(calloutDefinition.Id);
if (null == original)
{
return(StatusCode(HttpStatusCode.NotFound));
}
if (!CurrentUserDataProvider.IsEntityOfUser(identity.Username, identity.Tid, calloutDefinition))
{
return(StatusCode(HttpStatusCode.Forbidden));
}
calloutDefinition.Created = original.Created;
calloutDefinition.CreatedBy = original.CreatedBy;
calloutDefinition.Modified = DateTimeOffset.Now;
calloutDefinition.ModifiedBy = identity.Username;
calloutDefinition.Tid = original.Tid;
db.CalloutDefinitions.Attach(calloutDefinition);
db.Entry(calloutDefinition).State = EntityState.Modified;
db.SaveChanges();
Debug.WriteLine("CalloutDefinition with id '{0}' updated", key);
return(Ok <CalloutDefinition>(calloutDefinition));
}
catch (Exception e)
{
Debug.WriteLine(String.Format("{0}: {1}\r\n{2}", e.Source, e.Message, e.StackTrace));
throw;
}
}
public void PutJobForAuthorizedUserSetsUpdatedDate()
{
Mock.Arrange(() => CurrentUserDataProvider.GetIdentity(TENANT_ID))
.Returns(new Identity
{
Permissions = new List <String> {
JOB_UPDATE_PERMISSION
},
Username = CURRENT_USER_ID,
Tid = TENANT_ID
})
.MustBeCalled();
Mock.Arrange(() => CurrentUserDataProvider.IsEntityOfUser(CURRENT_USER_ID, TENANT_ID, Arg.IsAny <Job>()))
.Returns(true)
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.Jobs.Find(1))
.IgnoreInstance()
.Returns(CreateSampleJobDbSet()[0])
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.Jobs.Attach(Arg.IsAny <Job>()))
.IgnoreInstance()
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.Entry(Arg.IsAny <Job>()))
.IgnoreInstance()
.Returns(Mock.Create <DbEntityEntry <Job> >())
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.SaveChanges())
.IgnoreInstance()
.MustBeCalled();
var actionResult = _jobsController.Put(1,
new Job
{
Id = 1,
Type = "Test",
State = JobStateEnum.Canceled.ToString(),
Parameters = SAMPLE_PARAMETERS,
}).Result;
Assert.IsTrue(actionResult.GetType() == typeof(OkNegotiatedContentResult <Job>));
var response = actionResult as OkNegotiatedContentResult <Job>;
var job = response.Content;
Assert.AreEqual(1, job.Id);
Assert.AreEqual(CURRENT_USER_ID, job.CreatedBy);
Assert.AreEqual(DateTimeOffset.Now.Date, job.Modified.Date);
Assert.AreEqual(CURRENT_USER_ID, job.ModifiedBy);
Assert.AreEqual(JobStateEnum.Canceled.ToString(), job.State);
Assert.AreEqual("Test", job.Type);
Mock.Assert(() => CurrentUserDataProvider.GetIdentity(TENANT_ID));
Mock.Assert(() => CurrentUserDataProvider.IsEntityOfUser(CURRENT_USER_ID, TENANT_ID, Arg.IsAny <Job>()));
Mock.Assert(_lifeCycleContext);
}
public void PatchJobForAuthorizedUserWithUpdatePermissionUpdatesDeliveredFields2()
{
Mock.Arrange(() => CurrentUserDataProvider.GetIdentity(TENANT_ID))
.Returns(new Identity
{
Permissions = new List <String> {
JOB_UPDATE_PERMISSION
},
Username = CURRENT_USER_ID,
Tid = TENANT_ID
})
.MustBeCalled();
Mock.Arrange(() => CurrentUserDataProvider.IsEntityOfUser(CURRENT_USER_ID, TENANT_ID, Arg.IsAny <Job>()))
.Returns(true)
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.Jobs.Find(1))
.IgnoreInstance()
.Returns(CreateSampleJobDbSet()[0])
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.Jobs.Attach(Arg.IsAny <Job>()))
.IgnoreInstance()
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.Entry(Arg.IsAny <Job>()))
.IgnoreInstance()
.Returns(Mock.Create <DbEntityEntry <Job> >())
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.SaveChanges())
.IgnoreInstance()
.MustBeCalled();
var delta = new Delta <Job>(typeof(Job));
delta.TrySetPropertyValue("Id", "3");
delta.TrySetPropertyValue("CreatedBy", ANOTHER_USER_ID);
delta.TrySetPropertyValue("ModifiedBy", ANOTHER_USER_ID);
delta.TrySetPropertyValue("Parameters", SAMPLE_PARAMETERS);
var actionResult = _jobsController.Patch(1, delta).Result;
Assert.IsTrue(actionResult.GetType() == typeof(OkNegotiatedContentResult <Job>));
var response = actionResult as OkNegotiatedContentResult <Job>;
var job = response.Content;
Assert.AreEqual(1, job.Id);
Assert.AreEqual(DateTimeOffset.Now.Date, job.Modified.Date);
Assert.AreEqual(CURRENT_USER_ID, job.CreatedBy);
Assert.AreEqual(CURRENT_USER_ID, job.ModifiedBy);
Assert.AreEqual(SAMPLE_PARAMETERS, job.Parameters);
Assert.AreEqual(JobStateEnum.Running.ToString(), job.State);
Mock.Assert(() => CurrentUserDataProvider.GetIdentity(TENANT_ID));
Mock.Assert(() => CurrentUserDataProvider.IsEntityOfUser(CURRENT_USER_ID, TENANT_ID, Arg.IsAny <Job>()));
Mock.Assert(_lifeCycleContext);
}
public void IsEntityOfUserForNonMatchingTidAndCreatedByReturnsFalse()
{
Assert.IsFalse(CurrentUserDataProvider.IsEntityOfUser(USERNAME, TENANT_ID,
new BaseEntity
{
CreatedBy = "Another",
Tid = TENANT_ID
}));
Assert.IsFalse(CurrentUserDataProvider.IsEntityOfUser(USERNAME, TENANT_ID,
new BaseEntity
{
CreatedBy = USERNAME,
Tid = Guid.NewGuid().ToString()
}));
}
// GET: api/Core.svc/Jobs(5)
public async Task <IHttpActionResult> GetJob([FromODataUri] int key, ODataQueryOptions <Job> queryOptions)
{
var declaringType = System.Reflection.MethodBase.GetCurrentMethod().DeclaringType;
var fn = String.Format("{0}:{1}",
declaringType.Namespace,
declaringType.Name);
try
{
queryOptions.Validate(_validationSettings);
}
catch (ODataException ex)
{
Debug.WriteLine(String.Format("{0}: {1}\r\n{2}", ex.Source, ex.Message, ex.StackTrace));
return(BadRequest(ex.Message));
}
try
{
Debug.WriteLine(fn);
var identity = CurrentUserDataProvider.GetIdentity(TenantId);
var permissionId = CreatePermissionId("CanRead");
if (!identity.Permissions.Contains(permissionId))
{
return(StatusCode(HttpStatusCode.Forbidden));
}
var job = db.Jobs.Find(key);
if (null == job)
{
return(StatusCode(HttpStatusCode.NotFound));
}
if (!CurrentUserDataProvider.IsEntityOfUser(identity.Username, identity.Tid, job))
{
return(StatusCode(HttpStatusCode.Forbidden));
}
return(Ok <Job>(job));
}
catch (Exception e)
{
Debug.WriteLine(String.Format("{0}: {1}\r\n{2}", e.Source, e.Message, e.StackTrace));
throw;
}
}
public async Task <IHttpActionResult> Finish([FromODataUri] int key, ODataActionParameters parameters)
{
var declaringType = System.Reflection.MethodBase.GetCurrentMethod().DeclaringType;
var fn = String.Format("{0}:{1}",
declaringType.Namespace,
declaringType.Name);
Debug.WriteLine(fn);
try
{
var identity = CurrentUserDataProvider.GetIdentity(TenantId);
var permissionId = CreatePermissionId("CanRun");
if (!identity.Permissions.Contains(permissionId))
{
return(StatusCode(HttpStatusCode.Forbidden));
}
var job = db.Jobs.Find(key);
if (null == job)
{
return(StatusCode(HttpStatusCode.NotFound));
}
if (!CurrentUserDataProvider.IsEntityOfUser(identity.Username, identity.Tid, job))
{
return(StatusCode(HttpStatusCode.Forbidden));
}
Debug.WriteLine("Finish job with id '{0}'", key);
job.Modified = DateTimeOffset.Now;
job.ModifiedBy = identity.Username;
job.State = JobStateEnum.Finished.ToString();
db.Jobs.Attach(job);
db.Entry(job).State = EntityState.Modified;
db.SaveChanges();
Debug.WriteLine("Job with id '{0}' is now finished", key);
return(Ok <String>(job.State));
}
catch (Exception ex)
{
Debug.WriteLine(String.Format("{0}@{1}: {2}\r\n{3}", ex.GetType().Name, ex.Source, ex.Message, ex.StackTrace));
throw;
}
}
public void FinishForAuthorizedUserWithPermissionSetsStateToFinishedAndReturnsOk()
{
Mock.Arrange(() => CurrentUserDataProvider.GetIdentity(TENANT_ID))
.Returns(new Identity
{
Permissions = new List <String> {
JOB_RUN_PERMISSION
},
Username = CURRENT_USER_ID,
Tid = TENANT_ID
})
.MustBeCalled();
Mock.Arrange(() => CurrentUserDataProvider.IsEntityOfUser(CURRENT_USER_ID, TENANT_ID, Arg.IsAny <Job>()))
.Returns(true)
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.Jobs.Find(2))
.IgnoreInstance()
.Returns(CreateSampleJobDbSet()[1])
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.Jobs.Attach(Arg.IsAny <Job>()))
.IgnoreInstance()
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.Entry(Arg.IsAny <Job>()))
.IgnoreInstance()
.Returns(Mock.Create <DbEntityEntry <Job> >())
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.SaveChanges())
.IgnoreInstance()
.MustBeCalled();
var actionResult = _jobsController.Finish(2, null).Result;
Assert.IsTrue(actionResult.GetType() == typeof(OkNegotiatedContentResult <String>));
var response = actionResult as OkNegotiatedContentResult <String>;
var jobState = response.Content;
Assert.AreEqual(JobStateEnum.Finished.ToString(), jobState);
Mock.Assert(() => CurrentUserDataProvider.GetIdentity(TENANT_ID));
Mock.Assert(() => CurrentUserDataProvider.IsEntityOfUser(CURRENT_USER_ID, TENANT_ID, Arg.IsAny <Job>()));
Mock.Assert(_lifeCycleContext);
}
public void PutCalloutDefinitionForUnauthorizedUserReturnsForbidden()
{
Mock.Arrange(() => CurrentUserDataProvider.GetIdentity(TENANT_ID))
.Returns(new Identity
{
Permissions = new List <String> {
CALLOUT_DEFINITION_UPDATE_PERMISSION
},
Username = CURRENT_USER_ID,
Tid = TENANT_ID
})
.MustBeCalled();
Mock.Arrange(() => CurrentUserDataProvider.IsEntityOfUser(CURRENT_USER_ID, TENANT_ID, Arg.IsAny <CalloutDefinition>()))
.Returns(false)
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.CalloutDefinitions.Find(1))
.IgnoreInstance()
.Returns(CreateSampleCalloutDefinitionDbSet()[0])
.MustBeCalled();
var actionResult = _calloutDefinitionsController.Put(1,
new CalloutDefinition
{
Id = 1,
CreatedBy = ANOTHER_USER_ID,
Created = DateTimeOffset.Parse("05/01/2008"),
ModifiedBy = ANOTHER_USER_ID,
Modified = DateTimeOffset.Parse("05/01/2008"),
EntityType = SAMPLE_ENTITY_TYPE,
EntityId = ENTITY_ID_1,
TenantId = TENANT_ID,
Parameters = "testparameters",
}).Result;
AssertStatusCodeResult(actionResult, HttpStatusCode.Forbidden);
Mock.Assert(() => CurrentUserDataProvider.GetIdentity(TENANT_ID));
Mock.Assert(() => CurrentUserDataProvider.IsEntityOfUser(CURRENT_USER_ID, TENANT_ID, Arg.IsAny <CalloutDefinition>()));
Mock.Assert(_lifeCycleContext);
}
public void PutJobForUnauthorizedUserReturnsForbidden()
{
Mock.Arrange(() => CurrentUserDataProvider.GetIdentity(TENANT_ID))
.Returns(new Identity
{
Permissions = new List <String> {
JOB_UPDATE_PERMISSION
},
Username = CURRENT_USER_ID,
Tid = TENANT_ID
})
.MustBeCalled();
Mock.Arrange(() => CurrentUserDataProvider.IsEntityOfUser(CURRENT_USER_ID, TENANT_ID, Arg.IsAny <Job>()))
.Returns(false)
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.Jobs.Find(1))
.IgnoreInstance()
.Returns(CreateSampleJobDbSet()[0])
.MustBeCalled();
var actionResult = _jobsController.Put(1,
new Job
{
Id = 1,
Type = "Test",
CreatedBy = ANOTHER_USER_ID,
Created = DateTimeOffset.Parse("05/01/2008"),
ModifiedBy = ANOTHER_USER_ID,
Modified = DateTimeOffset.Parse("05/01/2008"),
State = JobStateEnum.Canceled.ToString(),
Parameters = SAMPLE_PARAMETERS,
}).Result;
AssertStatusCodeResult(actionResult, HttpStatusCode.Forbidden);
Mock.Assert(() => CurrentUserDataProvider.GetIdentity(TENANT_ID));
Mock.Assert(() => CurrentUserDataProvider.IsEntityOfUser(CURRENT_USER_ID, TENANT_ID, Arg.IsAny <Job>()));
Mock.Assert(_lifeCycleContext);
}
// DELETE: api/Utilities.svc/StateChangeLocks(5)
public async Task <IHttpActionResult> Delete([FromODataUri] int key)
{
var declaringType = System.Reflection.MethodBase.GetCurrentMethod().DeclaringType;
var fn = String.Format("{0}:{1}",
declaringType.Namespace,
declaringType.Name);
try
{
Debug.WriteLine(fn);
var identity = CurrentUserDataProvider.GetIdentity(TenantId);
var permissionId = CreatePermissionId("CanDelete");
if (!identity.Permissions.Contains(permissionId))
{
return(StatusCode(HttpStatusCode.Forbidden));
}
var stateChangeLock = db.StateChangeLocks.Find(key);
if (null == stateChangeLock)
{
return(StatusCode(HttpStatusCode.NotFound));
}
if (!CurrentUserDataProvider.IsEntityOfUser(identity.Username, identity.Tid, stateChangeLock))
{
return(StatusCode(HttpStatusCode.Forbidden));
}
db.StateChangeLocks.Remove(stateChangeLock);
Debug.WriteLine("Deleted StateChangeLock for entity with id '{0}'...",
stateChangeLock.EntityId);
return(StatusCode(HttpStatusCode.NoContent));
}
catch (Exception e)
{
Debug.WriteLine(String.Format("{0}: {1}\r\n{2}", e.Source, e.Message, e.StackTrace));
throw;
}
}
public void GetCalloutDefinitionByIdForAuthorizedUserWithReadPermissionReturnsRequestedCalloutDefinition()
{
Mock.Arrange(() => CurrentUserDataProvider.GetIdentity(TENANT_ID))
.Returns(new Identity
{
Permissions = new List <String> {
CALLOUT_DEFINITION_READ_PERMISSION
},
Username = CURRENT_USER_ID,
Tid = TENANT_ID
})
.MustBeCalled();
Mock.Arrange(() => CurrentUserDataProvider.IsEntityOfUser(CURRENT_USER_ID, TENANT_ID, Arg.IsAny <CalloutDefinition>()))
.Returns(true)
.MustBeCalled();
Mock.Arrange(() => _lifeCycleContext.CalloutDefinitions.Find(1))
.IgnoreInstance()
.Returns(CreateSampleCalloutDefinitionDbSet()[0])
.MustBeCalled();
var actionResult = _calloutDefinitionsController.GetCalloutDefinition(1,
CreateODataQueryOptions("http://localhost/api/Core.svc/CalloutDefinitions(1)"))
.Result;
Assert.IsTrue(actionResult.GetType() == typeof(OkNegotiatedContentResult <CalloutDefinition>));
var response = actionResult as OkNegotiatedContentResult <CalloutDefinition>;
var calloutDefinition = response.Content;
Assert.AreEqual(1, calloutDefinition.Id);
Assert.AreEqual(CURRENT_USER_ID, calloutDefinition.CreatedBy);
Mock.Assert(() => CurrentUserDataProvider.GetIdentity(TENANT_ID));
Mock.Assert(() => CurrentUserDataProvider.IsEntityOfUser(CURRENT_USER_ID, TENANT_ID, Arg.IsAny <CalloutDefinition>()));
Mock.Assert(_lifeCycleContext);
}