public async Task Should_Return_Forbidden_Status_Code_When_Requesting_By_User_Client()
{
var factory = new UserWebApplicationFactory("UserShouldNotUpdateAccountRolesIntegrationTest");
var client = factory.WithWebHostBuilder(builder => builder.ConfigureWebHostBuilderForIntegrationTest())
.CreateClient(new WebApplicationFactoryClientOptions
{
AllowAutoRedirect = false
});
var accountRoleEntity = await InsertUserRoleEntityIfNotExistsAsync(factory.DbContext);
var accountEntity = await InsertAccountEntityAsync(factory.DbContext, accountRoleEntity.Id);
var updateAccountRolesRequest = new UpdateAccountRolesRequest
{
Roles = new List <Guid> {
accountRoleEntity.Id
}
};
var updateAccountRolesRequestString = JsonConvert.SerializeObject(updateAccountRolesRequest);
var requestContent = new StringContent(updateAccountRolesRequestString, Encoding.UTF8, "application/json");
client.DefaultRequestHeaders.Add("api-version", "1");
var response = await client.PutAsync($"api/accounts/{accountEntity.Id}/roles", requestContent);
response.StatusCode.Should().BeEquivalentTo(HttpStatusCode.Forbidden);
}
public async Task Should_Update_Account_Roles_When_Requesting_By_Administrator_Client()
{
var factory = new AdministratorWebApplicationFactory("AdministratorShouldUpdateAccountRolesIntegrationTest");
var client = factory.WithWebHostBuilder(builder => builder.ConfigureWebHostBuilderForIntegrationTest())
.CreateClient(new WebApplicationFactoryClientOptions
{
AllowAutoRedirect = false
});
var accountRoleEntity = await InsertUserRoleEntityIfNotExistsAsync(factory.DbContext);
var accountEntity = await InsertAccountEntityAsync(factory.DbContext, accountRoleEntity.Id);
var roleToUpdate = await InsertRoleEntityToUpdateAsync(factory.DbContext);
var updateAccountRolesRequest = new UpdateAccountRolesRequest
{
Roles = new List <Guid> {
accountRoleEntity.Id, roleToUpdate.Id
}
};
var updateAccountRolesRequestString = JsonConvert.SerializeObject(updateAccountRolesRequest);
var requestContent = new StringContent(updateAccountRolesRequestString, Encoding.UTF8, "application/json");
client.DefaultRequestHeaders.Add("api-version", "1");
var response = await client.PutAsync($"api/accounts/{accountEntity.Id}/roles", requestContent);
response.StatusCode.Should().BeEquivalentTo(HttpStatusCode.NoContent);
var updatedAccountRoleEntities = await factory.DbContext.AccountRoles.Where(x => x.AccountId == accountEntity.Id)
.ToListAsync();
var updatedAccountRoleIds = updatedAccountRoleEntities.Select(x => x.RoleId);
updatedAccountRoleIds.Should().Contain(roleToUpdate.Id);
}
public async Task Should_Return_Unauthorized_Status_Code_When_Requesting_By_Anonymous_Client()
{
var updateAccountRolesRequest = new UpdateAccountRolesRequest
{
Roles = new List <Guid> {
Guid.NewGuid()
}
};
var updateAccountRequestString = JsonConvert.SerializeObject(updateAccountRolesRequest);
var requestContent = new StringContent(updateAccountRequestString, Encoding.UTF8, "application/json");
_fixture.AnonymousHttpClient.DefaultRequestHeaders.Add("api-version", "1");
var response = await _fixture.AnonymousHttpClient.PutAsync($"api/accounts/{Guid.NewGuid()}/roles", requestContent);
response.StatusCode.Should().BeEquivalentTo(HttpStatusCode.Unauthorized);
}
public async Task UpdateAccountRolesAsync_Should_Return_NoContentResult()
{
var accountId = Guid.NewGuid();
var updateAccountRolesRequest = new UpdateAccountRolesRequest
{
Roles = new List <Guid> {
Guid.NewGuid()
}
};
_communicationBusMock.Setup(x => x.SendCommandAsync(It.IsAny <UpdateAccountRolesCommand>(), It.IsAny <CancellationToken>()))
.Returns(Task.CompletedTask);
var result = await _controller.UpdateAccountRolesAsync(accountId, updateAccountRolesRequest);
var noContentResult = result.As <NoContentResult>();
noContentResult.Should().NotBeNull();
}
public async Task <IActionResult> UpdateAccountRolesAsync([FromRoute] Guid id, [FromBody] UpdateAccountRolesRequest request)
{
var updateAccountRolesCommand = new UpdateAccountRolesCommand(id, request.Roles);
await _communicationBus.SendCommandAsync(updateAccountRolesCommand);
return(NoContent());
}
