public void NotLoggedIn() { var permissionAttribute = new PermissionAttribute( new List <UserManager.AppPermissions> { UserManager.AppPermissions.AppSettingsWrite } .ToArray()); var authorizationFilterContext = new AuthorizationFilterContext( new ActionContext(new DefaultHttpContext(), new RouteData(), new ActionDescriptor()), new List <IFilterMetadata>()); permissionAttribute.OnAuthorization(authorizationFilterContext); Assert.AreEqual(authorizationFilterContext.Result.GetType(), new UnauthorizedResult().GetType()); }
public void PermissionClaimMissing() { var permissionAttribute = new PermissionAttribute( new List <UserManager.AppPermissions> { UserManager.AppPermissions.AppSettingsWrite } .ToArray()); var httpContext = new DefaultHttpContext { User = new ClaimsPrincipal(new ClaimsIdentity( new Claim[] { new Claim(ClaimTypes.Name, "username") }, "someAuthTypeName")) }; var authorizationFilterContext = new AuthorizationFilterContext( new ActionContext(httpContext, new RouteData(), new ActionDescriptor()), new List <IFilterMetadata>()); permissionAttribute.OnAuthorization(authorizationFilterContext); Assert.AreEqual(authorizationFilterContext.Result.GetType(), new UnauthorizedResult().GetType()); }
public void PermissionClaimExist() { var permissionAttribute = new PermissionAttribute( new List <UserManager.AppPermissions> { UserManager.AppPermissions.AppSettingsWrite } .ToArray()); var httpContext = new DefaultHttpContext { User = new ClaimsPrincipal(new ClaimsIdentity( new[] { new Claim("Permission", UserManager.AppPermissions.AppSettingsWrite.ToString()) })) }; var authorizationFilterContext = new AuthorizationFilterContext( new ActionContext(httpContext, new RouteData(), new ActionDescriptor()), new List <IFilterMetadata>()); permissionAttribute.OnAuthorization(authorizationFilterContext); var existHeader = authorizationFilterContext.HttpContext.Response.Headers["x-permission"] == "true"; Assert.IsTrue(existHeader); }