예제 #1
0
        public void CheckInternalOrOrganisationAccess_ReturnsTrue_WhenUserHasRequiredInternalClaim()
        {
            // Arrange
            Guid organisationID = new Guid("5F3069F4-EDA3-43A3-BDD8-726028CDABB0");
            Guid userId         = Guid.NewGuid();

            IUserContext userContext = A.Fake <IUserContext>();
            WeeeContext  weeeContext =
                MakeFakeWeeeContext(
                    userContext,
                    userId,
                    new List <OrganisationUser> {
                new OrganisationUser(userId, organisationID, UserStatus.Active)
            });

            ClaimsIdentity identity = new ClaimsIdentity();

            identity.AddClaim(new Claim(ClaimTypes.AuthenticationMethod, Claims.CanAccessInternalArea));

            ClaimsPrincipal principal = new ClaimsPrincipal(identity);

            A.CallTo(() => userContext.Principal).Returns(principal);

            WeeeAuthorization authorization = new WeeeAuthorization(weeeContext, userContext);

            // Act
            bool result = authorization.CheckInternalOrOrganisationAccess(organisationID);

            // Assert
            Assert.Equal(true, result);
        }
예제 #2
0
        public void CheckSchemeAccess_ReturnsTrue_WhenUserHasRequiredClaims()
        {
            // Arrange
            Guid organisationID = Guid.NewGuid();
            Guid userId         = Guid.NewGuid();
            Guid schemeID       = new Guid("5F3069F4-EDA3-43A3-BDD8-726028CDABB0");

            Domain.Scheme.Scheme scheme = new Domain.Scheme.Scheme(organisationID);
            typeof(Entity).GetProperty("Id").SetValue(scheme, schemeID); // <- sad but necessary

            IUserContext userContext = A.Fake <IUserContext>();

            WeeeContext weeeContext =
                MakeFakeWeeeContext(
                    userContext,
                    userId,
                    new List <OrganisationUser> {
                new OrganisationUser(userId, organisationID, UserStatus.Active)
            },
                    new List <Domain.Scheme.Scheme> {
                scheme
            });

            A.CallTo(() => userContext.UserId).Returns(userId);

            WeeeAuthorization authorization = new WeeeAuthorization(weeeContext, userContext);

            // Act
            bool result = authorization.CheckSchemeAccess(schemeID);

            // Assert
            Assert.Equal(true, result);
        }
예제 #3
0
        public void EnsureSchemeAccess_ThrowsSecurityException_WhenUserHasNoClaims()
        {
            // Arrange
            Guid schemeID = new Guid("5F3069F4-EDA3-43A3-BDD8-726028CDABB0");

            IUserContext userContext = A.Fake <IUserContext>();
            WeeeContext  weeeContext = MakeFakeWeeeContext(userContext);

            WeeeAuthorization authorization = new WeeeAuthorization(weeeContext, userContext);

            // Act
            Action action = () => authorization.EnsureSchemeAccess(schemeID);

            // Assert
            Assert.Throws(typeof(SecurityException), action);
        }
예제 #4
0
        public void CheckSchemeAccess_ReturnsFalse_WhenUserHasNoClaims()
        {
            // Arrange
            Guid schemeID = new Guid("5F3069F4-EDA3-43A3-BDD8-726028CDABB0");

            IUserContext userContext = A.Fake <IUserContext>();
            WeeeContext  weeeContext = MakeFakeWeeeContext(userContext);

            WeeeAuthorization authorization = new WeeeAuthorization(weeeContext, userContext);

            // Act
            bool result = authorization.CheckSchemeAccess(schemeID);

            // Assert
            Assert.Equal(false, result);
        }
예제 #5
0
        public void EnsureCanAccessExternalArea_ThrowsSecurityException_WhenUserHasNoClaims()
        {
            // Arrange
            WeeeContext weeeContext = A.Fake <WeeeContext>();

            ClaimsPrincipal principal   = new ClaimsPrincipal();
            IUserContext    userContext = A.Fake <IUserContext>();

            A.CallTo(() => userContext.Principal).Returns(principal);

            WeeeAuthorization authorization = new WeeeAuthorization(weeeContext, userContext);

            // Act
            Action action = () => authorization.EnsureCanAccessExternalArea();

            // Assert
            Assert.Throws(typeof(SecurityException), action);
        }
예제 #6
0
        public void CheckCanAccessExternalArea_ReturnsFalse_WhenUserHasNoClaims()
        {
            // Arrange
            WeeeContext weeeContext = A.Fake <WeeeContext>();

            ClaimsPrincipal principal   = new ClaimsPrincipal();
            IUserContext    userContext = A.Fake <IUserContext>();

            A.CallTo(() => userContext.Principal).Returns(principal);

            WeeeAuthorization authorization = new WeeeAuthorization(weeeContext, userContext);

            // Act
            bool result = authorization.CheckCanAccessExternalArea();

            // Assert
            Assert.Equal(false, result);
        }
예제 #7
0
        public void EnsureUserInRole_ThrowsSecurityException_WhenUserIsNotInRole()
        {
            // Arrange
            var          userId      = Guid.NewGuid();
            IUserContext userContext = A.Fake <IUserContext>();

            var competentAuthorityUsers = new List <CompetentAuthorityUser>
            {
                new CompetentAuthorityUser(userId.ToString(), Guid.NewGuid(), UserStatus.Active, new Role("InternalUser", "Standard user"))
            };

            WeeeContext weeeContext = MakeFakeWeeeContext(userContext, userId: userId, competentAuthorityUsers: competentAuthorityUsers);

            WeeeAuthorization authorization = new WeeeAuthorization(weeeContext, userContext);

            // Act, Assert
            Assert.Throws <SecurityException>(() => authorization.EnsureUserInRole(Roles.InternalAdmin));
        }
        public void EnsureCanAccessInternalArea_ThrowsSecurityException_WhenUserHasNoClaims()
        {
            // Arrange
            WeeeContext weeeContext = A.Fake<WeeeContext>();

            ClaimsPrincipal principal = new ClaimsPrincipal();
            IUserContext userContext = A.Fake<IUserContext>();
            A.CallTo(() => userContext.Principal).Returns(principal);

            WeeeAuthorization authorization = new WeeeAuthorization(weeeContext, userContext);

            // Act
            Action action = () => authorization.EnsureCanAccessInternalArea();

            // Assert
            Assert.Throws(typeof(SecurityException), action);
            A.CallTo(() => weeeContext.CompetentAuthorityUsers).MustNotHaveHappened();
        }
        public void EnsureCanAccessInternalArea_ActiveUserNotRequired_DoesNotThrowSecurityException_WhenUserHasClaimsAndIsNotActive()
        {
            // Arrange
            IUserContext userContext = A.Fake<IUserContext>();
            WeeeContext weeeContext = MakeFakeWeeeContext(userContext, userStatusActive: false);

            ClaimsIdentity identity = new ClaimsIdentity();
            identity.AddClaim(new Claim(ClaimTypes.AuthenticationMethod, Claims.CanAccessInternalArea));

            ClaimsPrincipal principal = new ClaimsPrincipal(identity);
            A.CallTo(() => userContext.Principal).Returns(principal);

            WeeeAuthorization authorization = new WeeeAuthorization(weeeContext, userContext);

            // Act
            var ex = Record.Exception(() => authorization.EnsureCanAccessInternalArea(false));

            // Assert
            Assert.Null(ex);
            A.CallTo(() => weeeContext.CompetentAuthorityUsers).MustNotHaveHappened();
        }
예제 #10
0
        public void CheckUserInRole_ReturnsTrue_WhenUserIsInRole()
        {
            // Arrange
            var          userId      = Guid.NewGuid();
            IUserContext userContext = A.Fake <IUserContext>();

            var competentAuthorityUsers = new List <CompetentAuthorityUser>
            {
                new CompetentAuthorityUser(userId.ToString(), Guid.NewGuid(), UserStatus.Active, new Role("InternalAdmin", "Administrator"))
            };

            WeeeContext weeeContext = MakeFakeWeeeContext(userContext, userId: userId, competentAuthorityUsers: competentAuthorityUsers);

            WeeeAuthorization authorization = new WeeeAuthorization(weeeContext, userContext);

            // Act
            bool result = authorization.CheckUserInRole(Roles.InternalAdmin);

            // Assert
            Assert.True(result);
        }
예제 #11
0
        public void CheckCanAccessExternalArea_ReturnsTrue_WhenUserHasRequiredClaim()
        {
            // Arrange
            WeeeContext weeeContext = A.Fake <WeeeContext>();

            ClaimsIdentity identity = new ClaimsIdentity();

            identity.AddClaim(new Claim(ClaimTypes.AuthenticationMethod, Claims.CanAccessExternalArea));

            ClaimsPrincipal principal   = new ClaimsPrincipal(identity);
            IUserContext    userContext = A.Fake <IUserContext>();

            A.CallTo(() => userContext.Principal).Returns(principal);

            WeeeAuthorization authorization = new WeeeAuthorization(weeeContext, userContext);

            // Act
            bool result = authorization.CheckCanAccessExternalArea();

            // Assert
            Assert.Equal(true, result);
        }
예제 #12
0
        public void CheckCanAccessInternalArea_ActiveUserNotRequired_ReturnsTrue_WhenUserHasClaimsAndIsNotActive()
        {
            // Arrange
            IUserContext userContext = A.Fake <IUserContext>();
            WeeeContext  weeeContext = MakeFakeWeeeContext(userContext);

            ClaimsIdentity identity = new ClaimsIdentity();

            identity.AddClaim(new Claim(ClaimTypes.AuthenticationMethod, Claims.CanAccessInternalArea));

            ClaimsPrincipal principal = new ClaimsPrincipal(identity);

            A.CallTo(() => userContext.Principal).Returns(principal);

            WeeeAuthorization authorization = new WeeeAuthorization(weeeContext, userContext);

            // Act
            bool result = authorization.CheckCanAccessInternalArea(false);

            // Assert
            Assert.Equal(true, result);
            A.CallTo(() => weeeContext.CompetentAuthorityUsers).MustNotHaveHappened();
        }
예제 #13
0
        public void EnsureCanAccessInternalArea_ActiveUserNotRequired_DoesNotThrowSecurityException_WhenUserHasClaimsAndIsNotActive()
        {
            // Arrange
            IUserContext userContext = A.Fake <IUserContext>();
            WeeeContext  weeeContext = MakeFakeWeeeContext(userContext, userStatusActive: false);

            ClaimsIdentity identity = new ClaimsIdentity();

            identity.AddClaim(new Claim(ClaimTypes.AuthenticationMethod, Claims.CanAccessInternalArea));

            ClaimsPrincipal principal = new ClaimsPrincipal(identity);

            A.CallTo(() => userContext.Principal).Returns(principal);

            WeeeAuthorization authorization = new WeeeAuthorization(weeeContext, userContext);

            // Act
            var ex = Record.Exception(() => authorization.EnsureCanAccessInternalArea(false));

            // Assert
            Assert.Null(ex);
            A.CallTo(() => weeeContext.CompetentAuthorityUsers).MustNotHaveHappened();
        }
예제 #14
0
        public void CheckInternalOrOrganisationAccess_ReturnsTrue_WhenUserHasRequiredOrganisationClaim()
        {
            // Arrange
            Guid organisationID = new Guid("5F3069F4-EDA3-43A3-BDD8-726028CDABB0");
            Guid userId         = Guid.NewGuid();

            IUserContext userContext = A.Fake <IUserContext>();
            WeeeContext  weeeContext =
                MakeFakeWeeeContext(
                    userContext,
                    userId,
                    new List <OrganisationUser> {
                new OrganisationUser(userId, organisationID, UserStatus.Active)
            });

            WeeeAuthorization authorization = new WeeeAuthorization(weeeContext, userContext);

            // Act
            bool result = authorization.CheckInternalOrOrganisationAccess(organisationID);

            // Assert
            Assert.Equal(true, result);
        }
        public void CheckCanAccessInternalArea_ActiveUserNotRequired_ReturnsTrue_WhenUserHasClaimsAndIsNotActive()
        {
            // Arrange
            IUserContext userContext = A.Fake<IUserContext>();
            WeeeContext weeeContext = MakeFakeWeeeContext(userContext);

            ClaimsIdentity identity = new ClaimsIdentity();
            identity.AddClaim(new Claim(ClaimTypes.AuthenticationMethod, Claims.CanAccessInternalArea));

            ClaimsPrincipal principal = new ClaimsPrincipal(identity);
            A.CallTo(() => userContext.Principal).Returns(principal);

            WeeeAuthorization authorization = new WeeeAuthorization(weeeContext, userContext);

            // Act
            bool result = authorization.CheckCanAccessInternalArea(false);

            // Assert
            Assert.Equal(true, result);
            A.CallTo(() => weeeContext.CompetentAuthorityUsers).MustNotHaveHappened();
        }
        public void CheckCanAccessExternalArea_ReturnsTrue_WhenUserHasRequiredClaim()
        {
            // Arrange
            WeeeContext weeeContext = A.Fake<WeeeContext>();

            ClaimsIdentity identity = new ClaimsIdentity();
            identity.AddClaim(new Claim(ClaimTypes.AuthenticationMethod, Claims.CanAccessExternalArea));

            ClaimsPrincipal principal = new ClaimsPrincipal(identity);
            IUserContext userContext = A.Fake<IUserContext>();
            A.CallTo(() => userContext.Principal).Returns(principal);

            WeeeAuthorization authorization = new WeeeAuthorization(weeeContext, userContext);

            // Act
            bool result = authorization.CheckCanAccessExternalArea();

            // Assert
            Assert.Equal(true, result);
        }
        public void CheckInternalOrOrganisationAccess_ReturnsTrue_WhenUserHasRequiredOrganisationClaim()
        {
            // Arrange
            Guid organisationID = new Guid("5F3069F4-EDA3-43A3-BDD8-726028CDABB0");
            Guid userId = Guid.NewGuid();

            IUserContext userContext = A.Fake<IUserContext>();
            WeeeContext weeeContext =
                MakeFakeWeeeContext(
                    userContext,
                    userId,
                    new List<OrganisationUser> { new OrganisationUser(userId, organisationID, UserStatus.Active) });

            WeeeAuthorization authorization = new WeeeAuthorization(weeeContext, userContext);

            // Act
            bool result = authorization.CheckInternalOrOrganisationAccess(organisationID);

            // Assert
            Assert.Equal(true, result);
        }
        public void CheckInternalOrOrganisationAccess_ReturnsTrue_WhenUserHasRequiredInternalClaim()
        {
            // Arrange
            Guid organisationID = new Guid("5F3069F4-EDA3-43A3-BDD8-726028CDABB0");
            Guid userId = Guid.NewGuid();

            IUserContext userContext = A.Fake<IUserContext>();
            WeeeContext weeeContext =
                MakeFakeWeeeContext(
                    userContext,
                    userId,
                    new List<OrganisationUser> { new OrganisationUser(userId, organisationID, UserStatus.Active) });

            ClaimsIdentity identity = new ClaimsIdentity();
            identity.AddClaim(new Claim(ClaimTypes.AuthenticationMethod, Claims.CanAccessInternalArea));

            ClaimsPrincipal principal = new ClaimsPrincipal(identity);
            A.CallTo(() => userContext.Principal).Returns(principal);

            WeeeAuthorization authorization = new WeeeAuthorization(weeeContext, userContext);

            // Act
            bool result = authorization.CheckInternalOrOrganisationAccess(organisationID);

            // Assert
            Assert.Equal(true, result);
        }
        public void EnsureSchemeAccess_ThrowsSecurityException_WhenUserHasNoClaims()
        {
            // Arrange
            Guid schemeID = new Guid("5F3069F4-EDA3-43A3-BDD8-726028CDABB0");

            IUserContext userContext = A.Fake<IUserContext>();
            WeeeContext weeeContext = MakeFakeWeeeContext(userContext);

            WeeeAuthorization authorization = new WeeeAuthorization(weeeContext, userContext);

            // Act
            Action action = () => authorization.EnsureSchemeAccess(schemeID);

            // Assert
            Assert.Throws(typeof(SecurityException), action);
        }
        public void CheckSchemeAccess_ReturnsFalse_WhenUserHasNoClaims()
        {
            // Arrange
            Guid schemeID = new Guid("5F3069F4-EDA3-43A3-BDD8-726028CDABB0");

            IUserContext userContext = A.Fake<IUserContext>();
            WeeeContext weeeContext = MakeFakeWeeeContext(userContext);

            WeeeAuthorization authorization = new WeeeAuthorization(weeeContext, userContext);

            // Act
            bool result = authorization.CheckSchemeAccess(schemeID);

            // Assert
            Assert.Equal(false, result);
        }
        public void CheckSchemeAccess_ReturnsTrue_WhenUserHasRequiredClaims()
        {
            // Arrange
            Guid organisationID = Guid.NewGuid();
            Guid userId = Guid.NewGuid();
            Guid schemeID = new Guid("5F3069F4-EDA3-43A3-BDD8-726028CDABB0");
            Domain.Scheme.Scheme scheme = new Domain.Scheme.Scheme(organisationID);
            typeof(Entity).GetProperty("Id").SetValue(scheme, schemeID); // <- sad but necessary

            IUserContext userContext = A.Fake<IUserContext>();

            WeeeContext weeeContext =
                MakeFakeWeeeContext(
                    userContext,
                    userId,
                    new List<OrganisationUser> { new OrganisationUser(userId, organisationID, UserStatus.Active) },
                    new List<Domain.Scheme.Scheme> { scheme });

            A.CallTo(() => userContext.UserId).Returns(userId);

            WeeeAuthorization authorization = new WeeeAuthorization(weeeContext, userContext);

            // Act
            bool result = authorization.CheckSchemeAccess(schemeID);

            // Assert
            Assert.Equal(true, result);
        }
        public void CheckUserInRole_ReturnsTrue_WhenUserIsInRole()
        {
            // Arrange
            var userId = Guid.NewGuid();
            IUserContext userContext = A.Fake<IUserContext>();

            var competentAuthorityUsers = new List<CompetentAuthorityUser>
            {
                new CompetentAuthorityUser(userId.ToString(), Guid.NewGuid(), UserStatus.Active, new Role("InternalAdmin", "Administrator"))
            };

            WeeeContext weeeContext = MakeFakeWeeeContext(userContext, userId: userId, competentAuthorityUsers: competentAuthorityUsers);

            WeeeAuthorization authorization = new WeeeAuthorization(weeeContext, userContext);

            // Act
            bool result = authorization.CheckUserInRole(Roles.InternalAdmin);

            // Assert
            Assert.True(result);
        }
        public void EnsureUserInRole_ThrowsSecurityException_WhenUserIsNotInRole()
        {
            // Arrange
            var userId = Guid.NewGuid();
            IUserContext userContext = A.Fake<IUserContext>();

            var competentAuthorityUsers = new List<CompetentAuthorityUser>
            {
                new CompetentAuthorityUser(userId.ToString(), Guid.NewGuid(), UserStatus.Active, new Role("InternalUser", "Standard user"))
            };

            WeeeContext weeeContext = MakeFakeWeeeContext(userContext, userId: userId, competentAuthorityUsers: competentAuthorityUsers);

            WeeeAuthorization authorization = new WeeeAuthorization(weeeContext, userContext);

            // Act, Assert
            Assert.Throws<SecurityException>(() => authorization.EnsureUserInRole(Roles.InternalAdmin));
        }
        public void CheckCanAccessInternalArea_ReturnsFalse_WhenUserHasNoClaims()
        {
            // Arrange
            WeeeContext weeeContext = A.Fake<WeeeContext>();

            ClaimsPrincipal principal = new ClaimsPrincipal();
            IUserContext userContext = A.Fake<IUserContext>();
            A.CallTo(() => userContext.Principal).Returns(principal);

            WeeeAuthorization authorization = new WeeeAuthorization(weeeContext, userContext);

            // Act
            bool result = authorization.CheckCanAccessInternalArea();

            // Assert
            Assert.Equal(false, result);
            A.CallTo(() => weeeContext.CompetentAuthorityUsers).MustNotHaveHappened();
        }