public async Task RefreshPublishedResults_WhenUserDoesHaveRefreshFundingPermission_ThenActionAllowed()
{
// Arrange
string specificationId = "abc123";
IAuthorizationHelper authorizationHelper = Substitute.For <IAuthorizationHelper>();
authorizationHelper
.DoesUserHavePermission(Arg.Any <ClaimsPrincipal>(), Arg.Is(specificationId), Arg.Is(SpecificationActionTypes.CanRefreshFunding))
.Returns(true);
ISpecsApiClient specsClient = CreateSpecsClient();
specsClient.RefreshPublishedResults(Arg.Is(specificationId))
.Returns(new ApiResponse <SpecificationCalculationExecutionStatusModel>(HttpStatusCode.OK, new SpecificationCalculationExecutionStatusModel()));
ApprovalController controller = CreateApprovalController(specsClient: specsClient, authorizationHelper: authorizationHelper);
// Act
IActionResult result = await controller.RefreshPublishedResults(specificationId);
// Assert
result.Should().BeOfType <OkObjectResult>();
}
public async Task <IActionResult> RefreshPublishedResults(string specificationId)
{
Guard.IsNullOrWhiteSpace(specificationId, nameof(specificationId));
if (!await _authorizationHelper.DoesUserHavePermission(User, specificationId, SpecificationActionTypes.CanRefreshFunding))
{
return(new ForbidResult());
}
ApiResponse <SpecificationCalculationExecutionStatusModel> callResult = await _specsClient.RefreshPublishedResults(specificationId);
if (callResult.StatusCode == HttpStatusCode.OK)
{
return(new OkObjectResult(callResult.Content));
}
else if (callResult.StatusCode == HttpStatusCode.NoContent)
{
return(new NoContentResult());
}
else if (callResult.StatusCode == HttpStatusCode.BadRequest)
{
return(new BadRequestResult());
}
return(new InternalServerErrorResult($"Unexpected status from API call: '{callResult.StatusCode}'"));
}
