public async Task Delete_Contract_Removes_Associated_Advices()
{
// Arrange
const int organizationId = TestEnvironment.DefaultOrganizationId;
var contract = await ItContractHelper.CreateContract(A <string>(), OrganizationId);
var advice = new Core.DomainModel.Advice.Advice
{
Id = A <int>(),
AlarmDate = DateTime.Now,
StopDate = DateTime.Now.AddDays(365),
Scheduling = Scheduling.Quarter,
Subject = "Can_Delete_Contract_Advices",
RelationId = contract.Id,
Type = RelatedEntityType.itProject
};
using var createResponse = await AdviceHelper.PostAdviceAsync(advice, organizationId);
Assert.Equal(HttpStatusCode.Created, createResponse.StatusCode);
// Act
using var deleteResponse = await ItContractHelper.SendDeleteContractRequestAsync(contract.Id);
Assert.Equal(HttpStatusCode.OK, deleteResponse.StatusCode);
// Assert
using var advicesResponse = AdviceHelper.GetContractAdvicesAsync(contract.Id);
var deletedContractAdvices = await advicesResponse.Result.ReadOdataListResponseBodyAsAsync <Core.DomainModel.Advice.Advice>();
Assert.True(deletedContractAdvices.Count == 0);
}
public async Task Deleting_Contract_Clears_ContractField_In_All_AssociatedRelations()
{
//Arrange
var input = await PrepareFullRelationAsync(true, false, false);
//Act
using (var response = await SystemRelationHelper.SendPostRelationRequestAsync(input))
{
Assert.Equal(HttpStatusCode.Created, response.StatusCode);
var relation = await response.ReadResponseBodyAsKitosApiResponseAsync <SystemRelationDTO>();
Assert.NotNull(relation.Contract);
using (var deleteContractRequest = await ItContractHelper.SendDeleteContractRequestAsync(input.ContractId.GetValueOrDefault()))
using (var getAfterDeleteResponse = await SystemRelationHelper.SendGetRelationRequestAsync(input.FromUsageId, relation.Id))
{
//Assert
Assert.Equal(HttpStatusCode.OK, deleteContractRequest.StatusCode);
Assert.Equal(HttpStatusCode.OK, getAfterDeleteResponse.StatusCode);
var relationAfterChange = await getAfterDeleteResponse.ReadResponseBodyAsKitosApiResponseAsync <SystemRelationDTO>();
Assert.Null(relationAfterChange.Contract);
}
}
}
public async Task Can_Assign_And_Remove_DataProcessingRegistration()
{
//Arrange
const int organizationId = TestEnvironment.DefaultOrganizationId;
var registration = await DataProcessingRegistrationHelper.CreateAsync(organizationId, A <string>());
var contract = await ItContractHelper.CreateContract(A <string>(), OrganizationId);
//Act - Add
using var assignResponse = await ItContractHelper.SendAssignDataProcessingRegistrationAsync(contract.Id, registration.Id);
using var duplicateResponse = await ItContractHelper.SendAssignDataProcessingRegistrationAsync(contract.Id, registration.Id);
//Assert
Assert.Equal(HttpStatusCode.OK, assignResponse.StatusCode);
Assert.Equal(HttpStatusCode.Conflict, duplicateResponse.StatusCode);
var dto = await ItContractHelper.GetItContract(contract.Id);
var namedEntityDTO = Assert.Single(dto.DataProcessingRegistrations);
Assert.Equal(registration.Id, namedEntityDTO.Id);
Assert.Equal(registration.Name, namedEntityDTO.Name);
//Act - remove
using var removeResponse = await ItContractHelper.SendRemoveDataProcessingRegistrationAsync(contract.Id, registration.Id);
using var duplicateRemoveResponse = await ItContractHelper.SendRemoveDataProcessingRegistrationAsync(contract.Id, registration.Id);
//Assert
Assert.Equal(HttpStatusCode.OK, removeResponse.StatusCode);
Assert.Equal(HttpStatusCode.BadRequest, duplicateRemoveResponse.StatusCode);
dto = await ItContractHelper.GetItContract(contract.Id);
Assert.Empty(dto.DataProcessingRegistrations);
}
public async Task Can_Get_GDPRExportReport_With_All_Fields_Set()
{
//Arrange
var sensitiveDataLevel = A <SensitiveDataLevel>();
var datahandlerContractTypeId = "5";
const int organizationId = TestEnvironment.DefaultOrganizationId;
var system = await ItSystemHelper.CreateItSystemInOrganizationAsync(A <string>(), organizationId, AccessModifier.Public);
var usage = await ItSystemHelper.TakeIntoUseAsync(system.Id, organizationId);
var dataProcessingRegistrationDto = await DataProcessingRegistrationHelper.CreateAsync(organizationId, A <string>());
await DataProcessingRegistrationHelper.SendChangeIsAgreementConcludedRequestAsync(dataProcessingRegistrationDto.Id, YesNoIrrelevantOption.YES);
using var setSystemResponse = await DataProcessingRegistrationHelper.SendAssignSystemRequestAsync(dataProcessingRegistrationDto.Id, usage.Id);
Assert.Equal(HttpStatusCode.OK, setSystemResponse.StatusCode);
var body = new
{
HostedAt = A <HostedAt>(),
IsBusinessCritical = A <DataOptions>(),
DataProcessorControl = A <DataOptions>(),
RiskAssessment = A <DataOptions>(),
PreRiskAssessment = A <RiskLevel>(),
DPIA = A <DataOptions>()
};
var contract = await ItContractHelper.CreateContract(A <string>(), organizationId);
await ItContractHelper.PatchContract(contract.Id, organizationId, new { contractTypeId = datahandlerContractTypeId });
await ItContractHelper.AddItSystemUsage(contract.Id, usage.Id, organizationId);
await ItSystemUsageHelper.PatchSystemUsage(usage.Id, organizationId, body);
await ItSystemUsageHelper.AddSensitiveDataLevel(usage.Id, sensitiveDataLevel);
var expectedUsage = await ItSystemHelper.GetItSystemUsage(usage.Id);
//Act
var report = await ItSystemUsageHelper.GetGDPRExportReport(organizationId);
//Assert
var gdprExportReport = Assert.Single(report.Where(x => x.Name == system.Name));
AssertCorrectGdprExportReport(expectedUsage, gdprExportReport, true);
AssertSensitiveDataLevel(sensitiveDataLevel, gdprExportReport);
}
public async Task Cannot_Add_HandoverTrial(OrganizationRole role)
{
//Arrange
var login = await HttpApi.GetCookieAsync(role);
var contract = await ItContractHelper.CreateContract(A <string>(), OrganizationId);
var approved = A <DateTime>().Date;
var expected = A <DateTime>().Date;
//Act - perform the action with the actual role
using (var result = await ItContractHelper.SendAddHandOverTrialAsync(contract.OrganizationId, contract.Id, approved, expected, login))
{
//Assert
Assert.Equal(HttpStatusCode.Forbidden, result.StatusCode);
}
}
public async Task Can_Create_Reference_In_ItContract()
{
//Arrange
var contract = await ItContractHelper.CreateContract(A <string>(), TestEnvironment.DefaultOrganizationId);
//Act - create two similar references... we expect the first one to be the master
var expectedMasterReference = await ReferencesHelper.CreateReferenceAsync(_title, _externalReferenceId, _referenceUrl, _display, dto => dto.ItContract_Id = contract.Id);
await ReferencesHelper.CreateReferenceAsync(_title, _externalReferenceId, _referenceUrl, _display, dto => dto.ItContract_Id = contract.Id);
//Assert
AssertCreatedReference(_title, expectedMasterReference, _externalReferenceId, _referenceUrl, _display);
contract = await ItContractHelper.GetItContract(contract.Id);
Assert.Equal(2, contract.ExternalReferences.Count);
Assert.Equal(expectedMasterReference.Id, contract.ReferenceId.GetValueOrDefault(-1)); //First reference must be marked as "the reference"
}
public async Task Can_Add_HandoverTrial(OrganizationRole role)
{
//Arrange
var login = await HttpApi.GetCookieAsync(role);
var contract = await ItContractHelper.CreateContract(A <string>(), OrganizationId);
var approved = A <DateTime>().Date;
var expected = A <DateTime>().Date;
//Act - perform the action with the actual role
var result = await ItContractHelper.AddHandOverTrialAsync(contract.OrganizationId, contract.Id, approved, expected, login);
//Assert
Assert.Equal(contract.Id, result.ItContractId);
Assert.Equal(approved, result.Approved.GetValueOrDefault());
Assert.Equal(expected, result.Expected.GetValueOrDefault());
}
public async Task Can_Get_Available_DataProcessingRegistrations()
{
//Arrange
const int organizationId = TestEnvironment.DefaultOrganizationId;
var registrationName = A <string>();
var registration1 = await DataProcessingRegistrationHelper.CreateAsync(organizationId, registrationName + "1");
var registration2 = await DataProcessingRegistrationHelper.CreateAsync(organizationId, registrationName + "2");
var contract = await ItContractHelper.CreateContract(A <string>(), OrganizationId);
//Act
var dtos = (await ItContractHelper.GetAvailableDataProcessingRegistrationsAsync(contract.Id, registrationName)).ToList();
//Assert
Assert.Equal(2, dtos.Count);
dtos.Select(x => new { x.Id, x.Name }).ToExpectedObject().ShouldMatch(new[] { new { registration1.Id, registration1.Name }, new { registration2.Id, registration2.Name } });
}
private async Task <CreateSystemRelationDTO> PrepareFullRelationAsync(bool withContract, bool withFrequency, bool withInterface)
{
var system1 = await ItSystemHelper.CreateItSystemInOrganizationAsync(CreateName(), OrganizationId, AccessModifier.Public);
var system2 = await ItSystemHelper.CreateItSystemInOrganizationAsync(CreateName(), OrganizationId, AccessModifier.Public);
var usage1 = await ItSystemHelper.TakeIntoUseAsync(system1.Id, OrganizationId);
var usage2 = await ItSystemHelper.TakeIntoUseAsync(system2.Id, OrganizationId);
var targetInterface = Maybe <ItInterfaceDTO> .None;
if (withInterface)
{
targetInterface = await InterfaceHelper.CreateInterface(InterfaceHelper.CreateInterfaceDto(CreateName(), CreateName(), OrganizationId, AccessModifier.Public));
await InterfaceExhibitHelper.CreateExhibit(system2.Id, targetInterface.Value.Id);
}
var contract = withContract ? await ItContractHelper.CreateContract(CreateName(), OrganizationId) : Maybe <ItContractDTO> .None;
var targetFrequencyTypeId = withFrequency ? DatabaseAccess.MapFromEntitySet <RelationFrequencyType, int>(repo =>
{
var first = repo
.AsQueryable()
.First(x => x.IsEnabled);
return(first.Id);
}) : default(int?);
var input = new CreateSystemRelationDTO
{
FromUsageId = usage1.Id,
ToUsageId = usage2.Id,
ContractId = contract.Select <int?>(x => x.Id).GetValueOrDefault(),
InterfaceId = targetInterface.Select <int?>(x => x.Id).GetValueOrDefault(),
Description = A <string>(),
Reference = A <string>(),
FrequencyTypeId = targetFrequencyTypeId
};
return(input);
}
public async Task Post_Reference_With_Valid_Input_Returns_201()
{
//Arrange
var organizationId = TestEnvironment.DefaultOrganizationId;
var contract = await ItContractHelper.CreateContract(A <string>(), organizationId);
var payload = new
{
Title = A <string>(),
ExternalReferenceId = A <string>(),
URL = "https://strongminds.dk/",
Itcontract_Id = contract.Id
};
var cookie = await HttpApi.GetCookieAsync(OrganizationRole.LocalAdmin);
//Act
using (var httpResponse = await HttpApi.PostWithCookieAsync(TestEnvironment.CreateUrl($"/api/Reference?organizationId={organizationId}"), cookie, payload))
{
//Assert
Assert.Equal(HttpStatusCode.Created, httpResponse.StatusCode);
}
}
public async Task ReadModels_Contain_Correct_Content()
{
//Arrange
var name = A <string>();
var dpName = $"Dp:{name}";
var subDpName = $"Sub_Dp:{name}";
var systemName = $"SYSTEM:{name}";
var contractName = $"CONTRACT:{name}";
var refName = $"REF:{name}";
var refUserAssignedId = $"REF:{name}EXT_ID";
var refUrl = $"https://www.test-rm{A<uint>()}.dk";
var refDisp = A <Display>();
var organizationId = TestEnvironment.DefaultOrganizationId;
var isAgreementConcluded = A <YesNoIrrelevantOption>();
var oversightInterval = A <YearMonthIntervalOption>();
var oversightCompleted = A <YesNoUndecidedOption>();
var oversightDate = A <DateTime>();
var oversightRemark = A <string>();
Console.Out.WriteLine($"Testing in the context of DPR with name:{name}");
var dataProcessor = await OrganizationHelper.CreateOrganizationAsync(organizationId, dpName, "22334455", OrganizationTypeKeys.Virksomhed, AccessModifier.Public);
var subDataProcessor = await OrganizationHelper.CreateOrganizationAsync(organizationId, subDpName, "22314455", OrganizationTypeKeys.Virksomhed, AccessModifier.Public);
var registration = await DataProcessingRegistrationHelper.CreateAsync(organizationId, name);
await DataProcessingRegistrationHelper.SendChangeOversightIntervalOptionRequestAsync(registration.Id, oversightInterval);
await DataProcessingRegistrationHelper.SendChangeIsOversightCompletedRequestAsync(registration.Id, oversightCompleted);
var businessRoleDtos = await DataProcessingRegistrationHelper.GetAvailableRolesAsync(registration.Id);
var role = businessRoleDtos.First();
var availableUsers = await DataProcessingRegistrationHelper.GetAvailableUsersAsync(registration.Id, role.Id);
var user = availableUsers.First();
_testOutputHelper.WriteLine($"Attempting to assign user {user.Id}:{user.Email} as role {role.Id}:{role.Name} in dpr {registration.Id}:{registration.Name}");
using var response = await DataProcessingRegistrationHelper.SendAssignRoleRequestAsync(registration.Id, role.Id, user.Id);
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
//Basis for transfer
var options = (await DataProcessingRegistrationHelper.GetBasisForTransferOptionsAsync(TestEnvironment.DefaultOrganizationId)).ToList();
var basisForTransfer = options[Math.Abs(A <int>()) % options.Count];
using var assignResponse = await DataProcessingRegistrationHelper.SendAssignBasisForTransferRequestAsync(registration.Id, basisForTransfer.Id);
Assert.Equal(HttpStatusCode.OK, assignResponse.StatusCode);
//Enable and set third country
var transferToThirdCountries = A <YesNoUndecidedOption>();
using var setInsecureCountryStateResponse = await DataProcessingRegistrationHelper.SendSetUseTransferToInsecureThirdCountriesStateRequestAsync(registration.Id, transferToThirdCountries);
Assert.Equal(HttpStatusCode.OK, setInsecureCountryStateResponse.StatusCode);
//Set data responsible
var dataOptions = await DataProcessingRegistrationHelper.GetAvailableOptionsRequestAsync(organizationId);
var dataResponsibleOption = dataOptions.DataResponsibleOptions.First();
using var setDataResponsibleResponse = await DataProcessingRegistrationHelper.SendAssignDataResponsibleRequestAsync(registration.Id, dataResponsibleOption.Id);
Assert.Equal(HttpStatusCode.OK, setDataResponsibleResponse.StatusCode);
//Set oversight option
var oversightOption = dataOptions.OversightOptions.First();
using var setOversightOptionResponse = await DataProcessingRegistrationHelper.SendAssignOversightOptionRequestAsync(registration.Id, oversightOption.Id);
Assert.Equal(HttpStatusCode.OK, setDataResponsibleResponse.StatusCode);
//Enable and set sub processors
using var setStateRequest = await DataProcessingRegistrationHelper.SendSetUseSubDataProcessorsStateRequestAsync(registration.Id, YesNoUndecidedOption.Yes);
Assert.Equal(HttpStatusCode.OK, setStateRequest.StatusCode);
using var sendAssignDataProcessorRequestAsync = await DataProcessingRegistrationHelper.SendAssignDataProcessorRequestAsync(registration.Id, dataProcessor.Id);
Assert.Equal(HttpStatusCode.OK, sendAssignDataProcessorRequestAsync.StatusCode);
using var sendAssignSubDataProcessorRequestAsync = await DataProcessingRegistrationHelper.SendAssignSubDataProcessorRequestAsync(registration.Id, subDataProcessor.Id);
Assert.Equal(HttpStatusCode.OK, sendAssignSubDataProcessorRequestAsync.StatusCode);
//Concluded state
await DataProcessingRegistrationHelper.SendChangeIsAgreementConcludedRequestAsync(registration.Id, isAgreementConcluded);
//Latest oversight date
await DataProcessingRegistrationHelper.SendAssignOversightDateRequestAsync(registration.Id, oversightDate, oversightRemark);
//References
await ReferencesHelper.CreateReferenceAsync(refName, refUserAssignedId, refUrl, refDisp, dto => dto.DataProcessingRegistration_Id = registration.Id);
//Systems
var itSystemDto = await ItSystemHelper.CreateItSystemInOrganizationAsync(systemName, organizationId, AccessModifier.Public);
var usage = await ItSystemHelper.TakeIntoUseAsync(itSystemDto.Id, organizationId);
using var assignSystemResponse = await DataProcessingRegistrationHelper.SendAssignSystemRequestAsync(registration.Id, usage.Id);
Assert.Equal(HttpStatusCode.OK, assignSystemResponse.StatusCode);
//Contracts
var contractDto = await ItContractHelper.CreateContract(contractName, organizationId);
using var assignDataProcessingResponse = await ItContractHelper.SendAssignDataProcessingRegistrationAsync(contractDto.Id, registration.Id);
Assert.Equal(HttpStatusCode.OK, assignDataProcessingResponse.StatusCode);
//Wait for read model to rebuild (wait for the LAST mutation)
await WaitForReadModelQueueDepletion();
Console.Out.WriteLine("Read models are up to date");
//Act
var readModels = (await DataProcessingRegistrationHelper.QueryReadModelByNameContent(organizationId, name, 1, 0)).ToList();
//Assert
var readModel = Assert.Single(readModels);
Console.Out.WriteLine("Read model found");
Assert.Equal(name, readModel.Name);
Assert.Equal(registration.Id, readModel.SourceEntityId);
Assert.Equal(refName, readModel.MainReferenceTitle);
Assert.Equal(refUrl, readModel.MainReferenceUrl);
Assert.Equal(refUserAssignedId, readModel.MainReferenceUserAssignedId);
Assert.Equal(oversightInterval, readModel.OversightInterval);
Assert.Equal(oversightCompleted, readModel.IsOversightCompleted);
Assert.Equal(dataProcessor.Name, readModel.DataProcessorNamesAsCsv);
Assert.Equal(subDataProcessor.Name, readModel.SubDataProcessorNamesAsCsv);
Assert.Equal(isAgreementConcluded, readModel.IsAgreementConcluded);
Assert.Equal(transferToThirdCountries, readModel.TransferToInsecureThirdCountries);
Assert.Equal(basisForTransfer.Name, readModel.BasisForTransfer);
Assert.Equal(dataResponsibleOption.Name, readModel.DataResponsible);
Assert.Equal(oversightOption.Name, readModel.OversightOptionNamesAsCsv);
Assert.Equal(contractName, readModel.ContractNamesAsCsv);
Assert.Equal(systemName, readModel.SystemNamesAsCsv);
Assert.Equal(oversightDate, readModel.LatestOversightDate);
Console.Out.WriteLine("Flat values asserted");
Console.Out.WriteLine("Asserting role assignments");
var roleAssignment = Assert.Single(readModel.RoleAssignments);
Console.Out.WriteLine("Found one role assignment as expected");
Assert.Equal(role.Id, roleAssignment.RoleId);
Assert.Equal(user.Id, roleAssignment.UserId);
Assert.Equal(user.Name, roleAssignment.UserFullName);
Console.Out.WriteLine("Role data verified");
//Assert that the source object can be deleted and that the readmodel is gone now
var deleteResponse = await DataProcessingRegistrationHelper.SendDeleteRequestAsync(registration.Id);
Assert.Equal(HttpStatusCode.OK, deleteResponse.StatusCode);
readModels = (await DataProcessingRegistrationHelper.QueryReadModelByNameContent(organizationId, name, 1, 0)).ToList();
Assert.Empty(readModels);
}
private static async Task <ItContractDTO> GetItContractAsync(int contractId)
{
return(await ItContractHelper.GetItContract(contractId));
}
private static async Task <ItSystemUsageSimpleDTO> AddItSystemUsageToContractAsync(ItContractDTO contract, ItSystemUsageDTO systemUsage, int organizationId = TestEnvironment.DefaultOrganizationId)
{
return(await ItContractHelper.AddItSystemUsage(contract.Id, systemUsage.Id, organizationId));
}
private static async Task <ItContractDTO> CreateContractAsync()
{
return(await ItContractHelper.CreateContract(CreateName(), TestEnvironment.DefaultOrganizationId));
}
