// Verifies that OnResultExecuted writes no "executed" audit entry when the response status is 403 Forbidden.
// NOTE(review): presumably forbidden requests are audited by another component in the pipeline - confirm,
// otherwise denied access attempts would leave no audit trail.
public void GivenAController_WhenExecutedActionAndStatusOf403_ThenAuditLogShouldNotLogged()
        {
            // Arrange: a FHIR result wrapping a minimal Patient resource.
            var patient = new Patient
            {
                Name = { new HumanName { Text = "TestPatient" } },
            };
            var fhirResult = new FhirResult(patient.ToResourceElement());

            var descriptor = new ControllerActionDescriptor
            {
                DisplayName = "Executed Context Test Descriptor",
            };
            var actionContext = new ActionContext(_httpContext, new RouteData(), descriptor);

            var resultExecutedContext = new ResultExecutedContext(
                actionContext,
                new List<IFilterMetadata>(),
                fhirResult,
                FilterTestsHelper.CreateMockFhirController());

            // Simulate a response that was rejected with 403 Forbidden.
            _httpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;

            // Act
            _filter.OnResultExecuted(resultExecutedContext);

            // Assert: LogExecuted must not have been called, whatever the arguments.
            _auditHelper.DidNotReceiveWithAnyArgs().LogExecuted(Arg.Any<HttpContext>(), Arg.Any<IClaimsExtractor>());
        }
        // Verifies that OnActionExecuting writes exactly one "executing" audit entry,
        // carrying the current HttpContext and the claims extractor.
        public void GivenAController_WhenExecutingAction_ThenAuditLogShouldBeLogged()
        {
            // Arrange
            var descriptor = new ControllerActionDescriptor
            {
                DisplayName = "Executing Context Test Descriptor",
            };
            var actionContext = new ActionContext(_httpContext, new RouteData(), descriptor);

            var actionExecutingContext = new ActionExecutingContext(
                actionContext,
                new List<IFilterMetadata>(),
                new Dictionary<string, object>(),
                FilterTestsHelper.CreateMockFhirController());

            // Act
            _filter.OnActionExecuting(actionExecutingContext);

            // Assert: one call, with the exact context and extractor instances held by the fixture.
            _auditHelper.Received(1).LogExecuting(_httpContext, _claimsExtractor);
        }
        // Builds an ActionExecutingContext for an "Observation" route whose "resource" action argument is
        // either a plain Observation or a Parameters resource.
        //   mode / profile : values to supply; with isParameters == false they go into the URL query
        //                    (only when non-empty), with isParameters == true they go into the Parameters body.
        //   idMode         : when true the action descriptor is named "ValidateById", otherwise it is empty.
        //   isParameters   : selects the input channel (request body instead of query string).
        // The two channels are never populated together by this helper.
        private static ActionExecutingContext CreateContext(string mode = null, string profile = null, bool idMode = false, bool isParameters = false)
        {
            var query = new Dictionary<string, StringValues>();

            if (!isParameters)
            {
                if (!string.IsNullOrEmpty(mode))
                {
                    query.Add(KnownQueryParameterNames.Mode, mode);
                }

                if (!string.IsNullOrEmpty(profile))
                {
                    query.Add(KnownQueryParameterNames.Profile, profile);
                }
            }

            // Substitute request/context pair exposing only the query collection built above.
            var request = Substitute.For<HttpRequest>();
            request.Query = new QueryCollection(query);

            var httpContext = Substitute.For<HttpContext>();
            httpContext.Request.Returns(request);

            Resource body = new Observation();

            if (isParameters)
            {
                // mode and profile are passed through as given, including null.
                var parameters = new Parameters();
                parameters.Add(KnownQueryParameterNames.Mode, new Code(mode));
                parameters.Add(KnownQueryParameterNames.Profile, new FhirUri(profile));
                body = parameters;
            }

            var routeData = new RouteData
            {
                Values = { [KnownActionParameterNames.ResourceType] = "Observation" },
            };

            var descriptor = new ActionDescriptor
            {
                DisplayName = idMode ? "ValidateById" : string.Empty,
            };

            var actionArguments = new Dictionary<string, object>
            {
                { "resource", body },
            };

            return new ActionExecutingContext(
                new ActionContext(httpContext, routeData, descriptor),
                new List<IFilterMetadata>(),
                actionArguments,
                FilterTestsHelper.CreateMockFhirController());
        }
        // Verifies that OnResultExecuted writes exactly one "executed" audit entry
        // when the result was produced by the change-feed controller.
        public void GivenChangeFeedController_WhenExecutedAction_ThenAuditLogShouldBeLogged()
        {
            // Arrange
            var descriptor = new ControllerActionDescriptor
            {
                DisplayName = "Executed ChangeFeed.",
            };
            var actionContext = new ActionContext(_httpContext, new RouteData(), descriptor);
            var noContent = new NoContentResult();

            var resultExecutedContext = new ResultExecutedContext(
                actionContext,
                new List<IFilterMetadata>(),
                noContent,
                FilterTestsHelper.CreateMockChangeFeedController());

            // Act
            _filter.OnResultExecuted(resultExecutedContext);

            // Assert: one call, with the exact context and extractor instances held by the fixture.
            _auditHelper.Received(1).LogExecuted(_httpContext, _claimsExtractor);
        }
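        // Verifies that OnActionExecuted still writes exactly one "executed" audit entry when the
        // store controller's action ended with an exception, so a failed request leaves an audit record.
        public void GivenStoreController_WhenExecutedActionThrowsException_ThenAuditLogShouldBeLogged()
        {
            // Arrange (the unused NoContentResult local from the original was dropped;
            // ActionExecutedContext takes no result argument).
            var actionExecutedContext = new ActionExecutedContext(
                new ActionContext(
                    _httpContext,
                    new RouteData(),
                    new ControllerActionDescriptor
                    {
                        DisplayName = "Executed Store.",
                    }),
                new List<IFilterMetadata>(),
                FilterTestsHelper.CreateMockStoreController());

            // Mark the action as having failed.
            actionExecutedContext.Exception = new Exception("Test Exception.");

            // Act
            _filter.OnActionExecuted(actionExecutedContext);

            // Assert: one call, with the exact context and extractor instances held by the fixture.
            _auditHelper.Received(1).LogExecuted(_httpContext, _claimsExtractor);
        }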
        public void GivenChangeFeedController_WhenExecutedActionThrowsException_ThenAuditLogShouldNotBeLogged()
        {
            var result = new NoContentResult();

            var actionExecutedContext = new ActionExecutedContext(
                new ActionContext(_httpContext, new RouteData(), new ControllerActionDescriptor()
            {
                DisplayName = "Executed ChangeFeed."
            }),
                new List <IFilterMetadata>(),
                FilterTestsHelper.CreateMockChangeFeedController());

            actionExecutedContext.Exception = new Exception("Test Exception.");

            _filter.OnActionExecuted(actionExecutedContext);

            _auditHelper.DidNotReceiveWithAnyArgs().LogExecuted(
                httpContext: default,
        // Verifies that a request supplying a profile both in the URL query and in the Parameters body
        // is rejected with BadRequestException, rather than one of the two values being picked silently.
        public void GivenARequest_WhenTwoProfilesArePassed_ThenAnExceptionIsReturned()
        {
            // Arrange: first profile, supplied through the query string.
            var query = new Dictionary<string, StringValues>
            {
                { KnownQueryParameterNames.Profile, "test" },
            };

            var request = Substitute.For<HttpRequest>();
            request.Query = new QueryCollection(query);

            var httpContext = Substitute.For<HttpContext>();
            httpContext.Request.Returns(request);

            // Second, different profile, supplied through the Parameters resource.
            var parameters = new Parameters();
            parameters.Add(KnownQueryParameterNames.Profile, new FhirUri("otherTest"));

            var routeData = new RouteData
            {
                Values = { [KnownActionParameterNames.ResourceType] = "Observation" },
            };

            var descriptor = new ActionDescriptor
            {
                DisplayName = string.Empty,
            };

            var actionArguments = new Dictionary<string, object>
            {
                { "resource", parameters },
            };

            var actionContext = new ActionExecutingContext(
                new ActionContext(httpContext, routeData, descriptor),
                new List<IFilterMetadata>(),
                actionArguments,
                FilterTestsHelper.CreateMockFhirController());

            var filter = new ValidationQueryFilterAndParameterParserAttribute(Options.Create(_featureConfiguration));

            // Act + Assert: the filter must throw, and with the exact message below.
            BadRequestException exception = Assert.Throws<BadRequestException>(
                () => filter.OnActionExecuting(actionContext));

            Assert.Equal("Only one profile can be provided between a Parameters resource and the URL", exception.Message);
        }
        // Verifies that OnResultExecuted writes exactly one "executed" audit entry
        // when a FHIR controller returned a result and the response status was left untouched.
        public void GivenAController_WhenExecutedAction_ThenAuditLogShouldBeLogged()
        {
            // Arrange: a FHIR result wrapping a minimal Patient resource.
            var patient = new Patient
            {
                Name = { new HumanName { Text = "TestPatient" } },
            };
            var fhirResult = new FhirResult(patient.ToResourceElement());

            var descriptor = new ControllerActionDescriptor
            {
                DisplayName = "Executed Context Test Descriptor",
            };
            var actionContext = new ActionContext(_httpContext, new RouteData(), descriptor);

            var resultExecutedContext = new ResultExecutedContext(
                actionContext,
                new List<IFilterMetadata>(),
                fhirResult,
                FilterTestsHelper.CreateMockFhirController());

            // Act
            _filter.OnResultExecuted(resultExecutedContext);

            // Assert: one call, with the exact context and extractor instances held by the fixture.
            _auditHelper.Received(1).LogExecuted(_httpContext, _claimsExtractor);
        }