public void Initialize()
        {
            // Fixture setup: wires a ControllersProcessor to mocked agent, executor and redirector.
            _agent               = new Mock<IControllersAgent>();
            _controllersExecutor = new Mock<IControllerExecutor>();
            _redirector          = new Mock<IRedirector>();

            // The processor receives the mock objects before any Setup call is made on them.
            _processor = new ControllersProcessor(_agent.Object, _controllersExecutor.Object, _redirector.Object);
            _context   = new Mock<HttpContext>();

            // Single test controller whose only registered route is PUT /foo/bar.
            var routes = new Dictionary<HttpMethod, string>
            {
                { HttpMethod.Put, "/foo/bar" }
            };
            _metaData = new ControllerMetaData(typeof(TestController1), new ControllerExecParameters(routes));

            // Route matching is stubbed to succeed for any controller and any pair of string arguments.
            var routeMatchSetup = _agent.Setup(x => x.MatchControllerRoute(
                It.IsAny<IControllerMetaData>(), It.IsAny<string>(), It.IsAny<string>()));
            routeMatchSetup.Returns(new RouteMatchResult(true, _routeParameters));

            // The list is produced lazily so every call sees the current _metaData.
            var standardControllersSetup = _agent.Setup(x => x.GetStandardControllersMetaData());
            standardControllersSetup.Returns(() => new List<IControllerMetaData> { _metaData });

            // The security check is stubbed to Ok for every controller and every principal.
            // Tests built on this fixture observe a denial only if they replace this setup themselves.
            var securitySetup = _agent.Setup(x => x.IsSecurityRulesViolated(
                It.IsAny<IControllerMetaData>(), It.IsAny<ClaimsPrincipal>()));
            securitySetup.Returns(SecurityRuleCheckResult.Ok);

            // Current request: GET http://localhost:8080/foo/bar
            var request = new
            {
                Scheme = "http",
                Host   = new HostString("localhost", 8080),
                Path   = new PathString("/foo/bar"),
                Method = "GET"
            };

            _context.SetupGet(x => x.Request.Scheme).Returns(request.Scheme);
            _context.SetupGet(x => x.Request.Host).Returns(request.Host);
            _context.SetupGet(x => x.Request.Path).Returns(request.Path);
            _context.SetupGet(x => x.Request.Method).Returns(request.Method);
        }
Exemplo n.º 2
        public void IsSecurityRulesViolated_AuthorizationRequiredNotAuthorized_NotAuthenticated()
        {
            // Arrange: security settings are built with `true`. Per the test name this marks the
            // controller as requiring authorization (the constructor's semantics are not visible here).
            var securedController = new ControllerMetaData(null, null, null, new ControllerSecurity(true));

            // Act: no principal at all is supplied.
            var outcome = _agent.IsSecurityRulesViolated(securedController, null);

            // Assert: a missing user must be reported as NotAuthenticated, never as Ok.
            Assert.AreEqual(SecurityRuleCheckResult.NotAuthenticated, outcome);
        }
Exemplo n.º 3
        public void IsSecurityRulesViolated_NoSecurityRules_Ok()
        {
            // Arrange: metadata constructed without any security settings.
            var openController = new ControllerMetaData(null);

            // Act: the check runs with no principal.
            var outcome = _agent.IsSecurityRulesViolated(openController, null);

            // Assert: with no rules declared, an absent user is still allowed through.
            Assert.AreEqual(SecurityRuleCheckResult.Ok, outcome);
        }
Exemplo n.º 4
        public void IsAnyPageController_404Handler_False()
        {
            // Arrange: role flags (false, false, true). Judging by the test name, the last flag
            // designates the 404 handler; confirm against ControllerRole's constructor.
            var handlerRole       = new ControllerRole(false, false, true);
            var notFoundControler = new ControllerMetaData(null, null, handlerRole);

            // Act
            var isAnyPage = _agent.IsAnyPageController(notFoundControler);

            // Assert: a special-purpose handler must not be treated as an any-page controller.
            Assert.IsFalse(isAnyPage);
        }
Exemplo n.º 5
        public void IsAnyPageController_AnyPageControllerWithEmptyRoutes_True()
        {
            // Arrange: execution parameters exist, but they were given null instead of routes.
            var routelessParameters = new ControllerExecParameters(null);
            var controller          = new ControllerMetaData(null, routelessParameters);

            // Act
            var isAnyPage = _agent.IsAnyPageController(controller);

            // Assert: a controller without routes counts as an any-page controller.
            Assert.IsTrue(isAnyPage);
        }
Exemplo n.º 6
        public void IsAnyPageController_AnyPageController_True()
        {
            // Arrange: bare metadata with no execution parameters, role or security settings.
            var controller = new ControllerMetaData(null);

            // Act
            var isAnyPage = _agent.IsAnyPageController(controller);

            // Assert: with nothing restricting it, the controller applies to any page.
            Assert.IsTrue(isAnyPage);
        }
        public void IsAnyPageController_DeleteRoute_False()
        {
            // Arrange: only the fifth route slot is filled ("/"). The test name suggests that slot
            // is the DELETE route; verify against ControllerRouteInfo's parameter order.
            var routeInfo  = new ControllerRouteInfo(null, null, null, null, "/");
            var controller = new ControllerMetaData(null, new ControllerExecParameters(routeInfo));

            // Act
            var isAnyPage = _agent.IsAnyPageController(controller);

            // Assert: a controller bound to a concrete route is not an any-page controller.
            Assert.IsFalse(isAnyPage);
        }
Exemplo n.º 8
        public void IsAnyPageController_DeleteRoute_False()
        {
            // Arrange: one explicit route, DELETE "/".
            var routes = new Dictionary<HttpMethod, string>
            {
                { HttpMethod.Delete, "/" }
            };
            var controller = new ControllerMetaData(null, new ControllerExecParameters(routes));

            // Act
            var isAnyPage = _agent.IsAnyPageController(controller);

            // Assert: a controller bound to a concrete route is not an any-page controller.
            Assert.IsFalse(isAnyPage);
        }
Exemplo n.º 9
        public void IsSecurityRulesViolated_UserExistNotAuthenticatedUser_NotAuthenticated()
        {
            // Arrange: security settings are built with `true`. Per the test name this marks the
            // controller as requiring authorization.
            var securedController = new ControllerMetaData(null, null, null, new ControllerSecurity(true));

            // A principal object is present, but its identity explicitly reports IsAuthenticated == false.
            var anonymousIdentity = new Mock<IIdentity>();
            anonymousIdentity.Setup(x => x.IsAuthenticated).Returns(false);

            var principal = new ClaimsPrincipal(anonymousIdentity.Object);

            // Act
            var outcome = _agent.IsSecurityRulesViolated(securedController, principal);

            // Assert: the mere existence of a user object must not count as authentication.
            Assert.AreEqual(SecurityRuleCheckResult.NotAuthenticated, outcome);
        }
Exemplo n.º 10
        public void IsSecurityRulesViolated_AuthorizationRequiredAuthorized_Ok()
        {
            // Arrange: security settings are built with `true` and no role list.
            var securedController = new ControllerMetaData(null, null, null, new ControllerSecurity(true));

            // The non-empty authentication type ("test") is what makes ClaimsIdentity report
            // IsAuthenticated == true; the Name claim alone would not.
            var identity = new ClaimsIdentity(
                new List<Claim>
                {
                    new Claim(ClaimTypes.Name, "Foo")
                },
                "test");
            var principal = new ClaimsPrincipal(identity);

            // Act
            var outcome = _agent.IsSecurityRulesViolated(securedController, principal);

            // Assert: an authenticated user passes when no roles are demanded.
            Assert.AreEqual(SecurityRuleCheckResult.Ok, outcome);
        }
Exemplo n.º 11
        public void IsSecurityRulesViolated_AuthorizationRequiredWithGroupAuthorizedNoGroups_Forbidden()
        {
            // Arrange: the security settings carry the string "Admin, User" in addition to `true`.
            // Per the test name this is the set of groups/roles the controller demands.
            var roleRestricted = new ControllerSecurity(true, "Admin, User");
            var controller     = new ControllerMetaData(null, null, null, roleRestricted);

            // Authenticated identity (non-empty authentication type) holding a Name claim only,
            // i.e. no ClaimTypes.Role claim at all.
            var identity = new ClaimsIdentity(
                new List<Claim>
                {
                    new Claim(ClaimTypes.Name, "Foo")
                },
                DefaultAuthenticationTypes.ApplicationCookie);
            var principal = new ClaimsPrincipal(identity);

            // Act
            var outcome = _agent.IsSecurityRulesViolated(controller, principal);

            // Assert: being authenticated is not enough; lacking every required role yields Forbidden.
            Assert.AreEqual(SecurityRuleCheckResult.Forbidden, outcome);
        }
Exemplo n.º 12
        public void IsSecurityRulesViolated_AuthorizationRequiredWithGroupAuthorizedNotInGroup_Forbidden()
        {
            // Arrange: the controller's security settings list a single entry, "Admin".
            var requiredRoles = new List<string>
            {
                "Admin"
            };
            var controller = new ControllerMetaData(null, null, null, new ControllerSecurity(true, requiredRoles));

            // Authenticated identity whose only role claim is "User", which is not in the list above.
            var identity = new ClaimsIdentity(
                new List<Claim>
                {
                    new Claim(ClaimTypes.Name, "Foo"),
                    new Claim(ClaimTypes.Role, "User")
                },
                "test");
            var principal = new ClaimsPrincipal(identity);

            // Act
            var outcome = _agent.IsSecurityRulesViolated(controller, principal);

            // Assert: holding some role is not sufficient; a non-matching role yields Forbidden.
            Assert.AreEqual(SecurityRuleCheckResult.Forbidden, outcome);
        }
Exemplo n.º 13
        public void Initialize()
        {
            // Fixture setup: wires a ControllersProcessor to a mocked agent and executor.
            _agent               = new Mock<IControllersAgent>();
            _controllersExecutor = new Mock<IControllerExecutor>();

            // The processor receives the mock objects before any Setup call is made on them.
            _processor = new ControllersProcessor(_agent.Object, _controllersExecutor.Object);
            _context   = new Mock<HttpContext>();

            // Single test controller described by a route info built from "/foo/bar".
            var routeInfo = new ControllerRouteInfo("/foo/bar");
            _metaData = new ControllerMetaData(typeof(TestController1), new ControllerExecParameters(routeInfo));

            // Route matching is stubbed to succeed for any controller and any pair of string arguments.
            var routeMatchSetup = _agent.Setup(x => x.MatchControllerRoute(
                It.IsAny<IControllerMetaData>(), It.IsAny<string>(), It.IsAny<string>()));
            routeMatchSetup.Returns(new RouteMatchResult(true, _routeParameters));

            // The list is produced lazily so every call sees the current _metaData.
            var standardControllersSetup = _agent.Setup(x => x.GetStandardControllersMetaData());
            standardControllersSetup.Returns(() => new List<IControllerMetaData> { _metaData });

            // The security check is stubbed to Ok for every controller and every principal.
            // Tests built on this fixture observe a denial only if they replace this setup themselves.
            var securitySetup = _agent.Setup(x => x.IsSecurityRulesViolated(
                It.IsAny<IControllerMetaData>(), It.IsAny<ClaimsPrincipal>()));
            securitySetup.Returns(SecurityRuleCheckResult.Ok);

            // Current request: GET /foo/bar
            var requestPath   = new PathString("/foo/bar");
            var requestMethod = "GET";

            _context.SetupGet(x => x.Request.Path).Returns(requestPath);
            _context.SetupGet(x => x.Request.Method).Returns(requestMethod);
        }