public JsonResult DeleteProduct(ShopAdminProductRequest request)
{
if (!isRequestValid(request, DeleteFlag: true))
{
return(_Response.BadRequest());
}
if (!_db.isPasswordRight(request))
{
return(_Response.Forbid());
}
Product product = _db.Get(request.Product.Id);
if (product == null)
{
return(_Response.NotFound());
}
if (product.ShopId != request.Product.ShopId)
{
return(_Response.Forbid());
}
_db.DeleteProduct(product.Id);
return(_Response.Ok(product));
}
public bool isPasswordRight(ShopAdminProductRequest request)
{
using (IDbConnection db = new MySqlConnection(connectionString))
{
var sqlQuery = "SELECT Password FROM Shops WHERE Id=@shopId";
string password = db.Query <string>(sqlQuery, request.Product).FirstOrDefault();
return(request.Password == password);
}
}
public JsonResult PostProduct(ShopAdminProductRequest request)
{
if (!isRequestValid(request))
{
return(_Response.BadRequest());
}
if (!_db.isPasswordRight(request))
{
return(_Response.Forbid());
}
Product product = request.Product;
product = _db.AddProduct(product);
return(_Response.Ok(product));
}
public virtual bool isRequestValid(ShopAdminProductRequest request, bool DeleteFlag = false)
{
if (request == null ||
request.Password == null ||
request.Product == null ||
request.Product.ShopId == 0)
{
return(false);
}
if (!DeleteFlag && (
request.Product.Name == null ||
request.Product.Category == null ||
request.Product.Description == null))
{
return(false);
}
return(true);
}
public void postPutDeleteProductRetunsCode403()
{
var request = new ShopAdminProductRequest();
var dbMock = new Mock <IProductRepository>();
dbMock.Setup(f => f.isPasswordRight(request)).Returns(false);
var controllerMock = new Mock <ProductsController>(dbMock.Object);
controllerMock.Setup(f => f.isRequestValid(request, false)).Returns(true);
controllerMock.Setup(f => f.isRequestValid(request, true)).Returns(true);
ProductsController controller = controllerMock.Object;
var resultPost = controller.PostProduct(request);
var resultPut = controller.UpdateProduct(request);
var resultDelete = controller.DeleteProduct(request);
Assert.Equal(403, resultPost.StatusCode);
Assert.Equal(403, resultPut.StatusCode);
Assert.Equal(403, resultDelete.StatusCode);
}
public JsonResult UpdateProduct(ShopAdminProductRequest request)
{
if (!isRequestValid(request))
{
return(_Response.BadRequest());
}
if (!_db.isPasswordRight(request))
{
return(_Response.Forbid());
}
Product product = _db.Get(request.Product.Id);
if (product == null)
{
return(_Response.NotFound());
}
product = _db.UpdateProduct(request.Product);
return(_Response.Ok(product));
}
public void putProductRetunsCode404()
{
var request = new ShopAdminProductRequest()
{
Product = new Product()
{
Id = 1
}
};
var dbMock = new Mock <IProductRepository>();
dbMock.Setup(f => f.isPasswordRight(request)).Returns(true);
dbMock.Setup(f => f.Get(0)).Returns(new Product());
var controllerMock = new Mock <ProductsController>(dbMock.Object);
controllerMock.Setup(f => f.isRequestValid(request, false)).Returns(true);
ProductsController controller = controllerMock.Object;
var result = controller.UpdateProduct(request);
Assert.Equal(404, result.StatusCode);
}
public void isRequestValidRetunsTrue()
{
var mock = new Mock <IProductRepository>();
ProductsController controller = new ProductsController(mock.Object);
Product product = new Product()
{
Id = 1,
ShopId = 1,
Category = "Sport",
Cost = 3.2,
Count = 3,
Name = "aaaa",
Description = "AAAAA"
};
ShopAdminProductRequest request = new ShopAdminProductRequest();
request.Password = "******";
request.Product = product;
bool result = controller.isRequestValid(request);
Assert.True(result);
}