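/// <summary>
/// Verifies the deny path of <c>ServerAuthorizationHandler</c>: when the access-control service
/// returns an empty permission list, a requirement of <c>Policies.MKD_SCENARIO_CREATE</c> must
/// leave the authorization context not succeeded.
/// </summary>
/// <returns>
/// A task for the test runner to await. The method previously returned <c>void</c>; an
/// <c>async void</c> method cannot be awaited, so a runner that does not special-case it can
/// report the test before the assertion runs and a broken deny path would go unnoticed.
/// </returns>
public async System.Threading.Tasks.Task HandleRequirementAsync_WillNotSucceed_WhenUser_DoesNotHavePermission()
{
    // Arrange: collaborators of the handler are mocked.
    var mockAccessControlService = new Mock<IAccessControlService>();
    var mockLoggerFactory = new Mock<ILoggerFactory>();

    // GetAll returns no permissions for any user key; the user would need
    // MKD_SCENARIO_CREATE to meet the requirement.
    mockAccessControlService
        .Setup(x => x.GetAll(It.IsAny<string>()))
        .Returns(new SmOrganisationData() { Permissions = new List<SmPermission>() });
    mockLoggerFactory
        .Setup(x => x.CreateLogger(It.IsAny<string>()))
        .Returns(new Mocklogger());

    // NOTE(review): the e-mail literal is a masked value. Confirm it passes whatever e-mail
    // validation the handler applies; otherwise this test is denied because of the address
    // and never reaches the permission check it is named after.
    var user = new ClaimsPrincipal(
        new ClaimsIdentity(new List<Claim> { new Claim(ClaimTypes.Email, "*****@*****.**") }));

    var requirement = new ServerAuthorizationRequirement(Policies.MKD_SCENARIO_CREATE);

    // The resource handed to the handler is an MVC authorization filter context built from stubs.
    var actionContext = new Microsoft.AspNetCore.Mvc.ActionContext(
        new MockHttpContext { },
        new Microsoft.AspNetCore.Routing.RouteData { },
        new Microsoft.AspNetCore.Mvc.Abstractions.ActionDescriptor());
    var filterContext = new AuthorizationFilterContext(actionContext, new List<IFilterMetadata> { });

    var authzContext = new AuthorizationHandlerContext(
        new List<IAuthorizationRequirement> { requirement },
        user,
        filterContext);
    var authzHandler = new ServerAuthorizationHandler(
        mockLoggerFactory.Object,
        mockAccessControlService.Object);

    // Act
    await authzHandler.HandleAsync(authzContext);

    // Assert: the requirement must not have been satisfied.
    Assert.False(authzContext.HasSucceeded);
}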
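/// <summary>
/// Verifies that <c>ServerAuthorizationHandler</c> leaves the authorization context not succeeded
/// when the user's e-mail claim is not a valid address, even though the access-control service
/// would grant the required <c>Policies.MKD_SCENARIO_CREATE</c> permission.
/// </summary>
/// <returns>
/// A task for the test runner to await. The method previously returned <c>void</c>; an
/// <c>async void</c> method cannot be awaited, so a runner that does not special-case it can
/// report the test before the assertion runs and a broken deny path would go unnoticed.
/// </returns>
public async System.Threading.Tasks.Task HandleRequirementAsync_WillNotSucceed_When_EmailAddress_IsNotValid()
{
    // Arrange: collaborators of the handler are mocked.
    var mockAccessControlService = new Mock<IAccessControlService>();
    var mockLoggerFactory = new Mock<ILoggerFactory>();

    // GetAll returns the MKD_SCENARIO_CREATE permission for any user key, so the permission
    // lookup on its own would satisfy the requirement. (The earlier comment said it returned no
    // permissions, which did not match the setup.)
    mockAccessControlService
        .Setup(x => x.GetAll(It.IsAny<string>()))
        .Returns(new SmOrganisationData
        {
            Permissions = new List<SmPermission>()
            {
                new SmPermission { PermissionCode = Policies.MKD_SCENARIO_CREATE }
            }
        });
    mockLoggerFactory
        .Setup(x => x.CreateLogger(It.IsAny<string>()))
        .Returns(new Mocklogger());

    // The e-mail claim is deliberately not an address.
    var user = new ClaimsPrincipal(
        new ClaimsIdentity(new List<Claim> { new Claim(ClaimTypes.Email, "invalidEmailString") }));

    var requirement = new ServerAuthorizationRequirement(Policies.MKD_SCENARIO_CREATE);

    // NOTE(review): no resource is passed (null). Confirm the handler does not deny on the
    // missing resource, otherwise this test passes without exercising the e-mail check.
    var authzContext = new AuthorizationHandlerContext(
        new List<IAuthorizationRequirement> { requirement },
        user,
        null);
    var authzHandler = new ServerAuthorizationHandler(
        mockLoggerFactory.Object,
        mockAccessControlService.Object);

    // Act
    await authzHandler.HandleAsync(authzContext);

    // Assert: the requirement must not have been satisfied.
    Assert.False(authzContext.HasSucceeded);
}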