public async Task GrantsInheritedPermissions()
{
// Arrange
var level2 = new Permission("Implicit2");
var level1 = new Permission("Implicit1", "Foo", new[] { level2 });
var required = new Permission("Required", "Foo", new[] { level1 });
var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(required);
var permissionHandler = CreatePermissionHandler(
new Role
{
RoleName = "Anonymous",
RoleClaims = new List <RoleClaim> {
new RoleClaim {
ClaimType = Permission.ClaimType, ClaimValue = "Implicit2"
}
}
}
);
// Act
await permissionHandler.HandleAsync(context);
// Assert
Assert.True(context.HasSucceeded);
}
public async Task GrantsRolesPermissions(string required, bool authenticated, bool success)
{
// Arrange
var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(new Permission(required), authenticated: authenticated);
var permissionHandler = CreatePermissionHandler(
new Role
{
RoleName = "Anonymous",
RoleClaims = new List <RoleClaim> {
new RoleClaim {
ClaimType = Permission.ClaimType, ClaimValue = "AllowAnonymous"
}
}
},
new Role
{
RoleName = "Authenticated",
RoleClaims = new List <RoleClaim> {
new RoleClaim {
ClaimType = Permission.ClaimType, ClaimValue = "AllowAuthenticated"
}
}
}
);
// Act
await permissionHandler.HandleAsync(context);
// Assert
Assert.Equal(success, context.HasSucceeded);
}
public async Task IsCaseIsensitive(string required, bool authenticated)
{
// Arrange
var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(new Permission(required), authenticated: authenticated);
var permissionHandler = CreatePermissionHandler(
new Role
{
RoleName = "Anonymous",
RoleClaims = new List <RoleClaim> {
new RoleClaim {
ClaimType = Permission.ClaimType, ClaimValue = "aLlOwAnOnYmOuS"
}
}
},
new Role
{
RoleName = "Authenticated",
RoleClaims = new List <RoleClaim> {
new RoleClaim {
ClaimType = Permission.ClaimType, ClaimValue = "aLlOwAuThEnTiCaTeD"
}
}
}
);
// Act
await permissionHandler.HandleAsync(context);
// Assert
Assert.True(context.HasSucceeded);
}
public async Task DontRevokeExistingGrants()
{
// Arrange
var context = PermissionHandlerHelper.CreateTestAuthorizationHandlerContext(new Permission("Required"), new[] { "Other" }, true);
var permissionHandler = CreatePermissionHandler();
await context.SuccessAsync("Required");
// Act
await permissionHandler.HandleAsync(context);
// Assert
Assert.True(context.HasSucceeded);
}