public void WhenExecuteWithEmptyRoles_ThenUnauthorized() { var attribute = new RequireRolesAttribute(); var response = new Mock <IResponse>(); var request = GetRequestMock(new Mock <IPrincipal>()); attribute.Execute(request.Object, response.Object, null); VerifyUnauthorizedResponse(response); }
public void WhenExecuteWithUnknownRole_ThenUnauthorized() { var attribute = new RequireRolesAttribute("foo"); var response = new Mock <IResponse>(); var user = new Mock <IPrincipal>(); user.Setup(usr => usr.IsInRole(It.IsAny <string>())) .Returns(false); var request = GetRequestMock(user); attribute.Execute(request.Object, response.Object, null); VerifyUnauthorizedResponse(response); }
public void WhenExecuteWithSingleKnownRole_ThenAuthorized() { var attribute = new RequireRolesAttribute("foo"); var response = new Mock <IResponse>(); var user = new Mock <IPrincipal>(); user.Setup(usr => usr.IsInRole("foo")) .Returns(true); var request = GetRequestMock(user); attribute.Execute(request.Object, response.Object, null); VerifyAuthorized(response); }
public void WhenExecuteWithManyRolesAndUserIsGod_ThenAuthorized() { var attribute = new RequireRolesAttribute("foo", "bar"); var response = new Mock <IResponse>(); var user = new Mock <IPrincipal>(); user.Setup(usr => usr.IsInRole(AuthorizationRoles.God)) .Returns(true); user.Setup(usr => usr.IsInRole("foo")) .Returns(false); user.Setup(usr => usr.IsInRole("bar")) .Returns(false); var request = GetRequestMock(user); attribute.Execute(request.Object, response.Object, null); VerifyAuthorized(response); }