Exemplo n.º 1
0
        public static async Task OnAuthorizationAsync_UserHasDifferentPrimaryOrganisationId_ReturnsExpectedValue(
            string organisationId1,
            string organisationId2)
        {
            var user = ClaimsPrincipalBuilder.Create()
                       .WithClaim(ApplicationClaimTypes.Ordering)
                       .WithClaim(UserClaimTypes.PrimaryOrganisationId, organisationId1)
                       .Build();

            var actionDescriptor = new ActionDescriptor
            {
                EndpointMetadata = new object[] { new AuthorizeOrganisationAttribute() },
                Parameters       = new[] { new ParameterDescriptor {
                                               Name = DefaultActionMethodParameterName
                                           } },
            };

            var context = AuthorizationFilterContextBuilder.Create()
                          .WithActionDescription(actionDescriptor)
                          .WithRouteValue(DefaultRouteParameterName, null)
                          .WithUser(user)
                          .Build();

            var filter = new TestFilter {
                Id = organisationId2
            };
            await filter.OnAuthorizationAsync(context);

            context.Result.Should().NotBeNull();
            context.Result.Should().BeOfType <ForbidResult>();
        }
Exemplo n.º 2
0
        public static async Task OnAuthorizationAsync_UserHasSamePrimaryOrganisationId_ReturnsExpectedValue(
            string organisationId,
            OrganisationIdOrganisationAuthorizationFilter filter)
        {
            const string parameterName = OrganisationIdOrganisationAuthorizationFilter.DefaultParameterName;

            var user = ClaimsPrincipalBuilder.Create()
                       .WithClaim(ApplicationClaimTypes.Ordering)
                       .WithClaim(UserClaimTypes.PrimaryOrganisationId, organisationId)
                       .Build();

            var actionDescriptor = new ActionDescriptor
            {
                EndpointMetadata = new object[] { new AuthorizeOrganisationAttribute() },
                Parameters       = new[] { new ParameterDescriptor {
                                               Name = parameterName
                                           } },
            };

            var context = AuthorizationFilterContextBuilder.Create()
                          .WithActionDescription(actionDescriptor)
                          .WithRouteValue(parameterName, organisationId)
                          .WithUser(user)
                          .Build();

            await filter.OnAuthorizationAsync(context);

            context.Result.Should().BeNull();
        }
Exemplo n.º 3
0
        public static async Task OnAuthorizationAsync_ImplementationReturnsActionResult_ReturnsExpectedValue()
        {
            var user             = ClaimsPrincipalBuilder.Create().WithClaim(ApplicationClaimTypes.Ordering).Build();
            var actionDescriptor = new ActionDescriptor
            {
                EndpointMetadata = new object[] { new AuthorizeOrganisationAttribute() },
                Parameters       = new[] { new ParameterDescriptor {
                                               Name = DefaultActionMethodParameterName
                                           } },
            };

            var context = AuthorizationFilterContextBuilder.Create()
                          .WithActionDescription(actionDescriptor)
                          .WithRouteValue(DefaultRouteParameterName, null)
                          .WithUser(user)
                          .Build();

            var result = new OkResult();

            context.Result = result;
            var expectedResult = new NoContentResult();

            var filter = new TestFilter {
                Result = expectedResult
            };
            await filter.OnAuthorizationAsync(context);

            context.Result.Should().Be(expectedResult);
        }
Exemplo n.º 4
0
        public static async Task OnAuthorizationAsync_UserHasSamePrimaryOrganisationId_ReturnsExpectedValue(
            [Frozen] ApplicationDbContext dbContext,
            [Frozen] CallOffId callOffId,
            Order order,
            OrderLookupOrganisationAuthorizationFilter filter)
        {
            dbContext.Order.Add(order);
            await dbContext.SaveChangesAsync();

            const string parameterName = OrderLookupOrganisationAuthorizationFilter.DefaultParameterName;

            var user = ClaimsPrincipalBuilder.Create()
                       .WithClaim(ApplicationClaimTypes.Ordering)
                       .WithClaim(UserClaimTypes.PrimaryOrganisationId, order.OrderingParty.Id.ToString())
                       .Build();

            var actionDescriptor = new ActionDescriptor
            {
                EndpointMetadata = new object[] { new AuthorizeOrganisationAttribute() },
                Parameters       = new[] { new ParameterDescriptor {
                                               Name = parameterName
                                           } },
            };

            var context = AuthorizationFilterContextBuilder.Create()
                          .WithActionDescription(actionDescriptor)
                          .WithRouteValue(parameterName, callOffId.ToString())
                          .WithUser(user)
                          .Build();

            await filter.OnAuthorizationAsync(context);

            context.Result.Should().BeNull();
        }
Exemplo n.º 5
0
        public static async Task OnAuthorizationAsync_NoAttribute_ReturnsExpectedValue()
        {
            var context = AuthorizationFilterContextBuilder.Create().Build();

            var result = new OkResult();

            context.Result = result;

            var filter = new TestFilter();
            await filter.OnAuthorizationAsync(context);

            context.Result.Should().Be(result);
        }
Exemplo n.º 6
0
        public static async Task OnAuthorizationAsync_NoParameter_ReturnsExpectedValue()
        {
            var actionDescriptor = new ActionDescriptor
            {
                EndpointMetadata = new object[] { new AuthorizeOrganisationAttribute() },
            };

            var context = AuthorizationFilterContextBuilder.Create()
                          .WithActionDescription(actionDescriptor)
                          .Build();

            var filter = new TestFilter();
            await filter.OnAuthorizationAsync(context);

            context.Result.Should().BeNull();
        }
Exemplo n.º 7
0
        public static async Task OnAuthorizationAsync_UserHasNoOrderingClaim_ReturnsExpectedValue()
        {
            var actionDescriptor = new ActionDescriptor
            {
                EndpointMetadata = new object[] { new AuthorizeOrganisationAttribute() },
                Parameters       = new[] { new ParameterDescriptor {
                                               Name = DefaultActionMethodParameterName
                                           } },
            };

            var context = AuthorizationFilterContextBuilder.Create()
                          .WithActionDescription(actionDescriptor)
                          .WithUser(new ClaimsPrincipal())
                          .Build();

            var filter = new TestFilter();
            await filter.OnAuthorizationAsync(context);

            context.Result.Should().BeNull();
        }
Exemplo n.º 8
0
        public static async Task OnAuthorizationAsync_RouteValue_IsExpectedValue(string routeValue)
        {
            var user             = ClaimsPrincipalBuilder.Create().WithClaim(ApplicationClaimTypes.Ordering).Build();
            var actionDescriptor = new ActionDescriptor
            {
                EndpointMetadata = new object[] { new AuthorizeOrganisationAttribute() },
                Parameters       = new[] { new ParameterDescriptor {
                                               Name = DefaultActionMethodParameterName
                                           } },
            };

            var context = AuthorizationFilterContextBuilder.Create()
                          .WithActionDescription(actionDescriptor)
                          .WithRouteValue(DefaultRouteParameterName, routeValue)
                          .WithUser(user)
                          .Build();

            var filter = new TestFilter();
            await filter.OnAuthorizationAsync(context);

            filter.RouteValue.Should().Be(routeValue);
        }
Exemplo n.º 9
0
        public static async Task OnAuthorizationAsync_NoUser_ReturnsExpectedValue()
        {
            var actionDescriptor = new ActionDescriptor
            {
                EndpointMetadata = new object[] { new AuthorizeOrganisationAttribute() },
                Parameters       = new[] { new ParameterDescriptor {
                                               Name = DefaultActionMethodParameterName
                                           } },
            };

            var context = AuthorizationFilterContextBuilder.Create()
                          .WithActionDescription(actionDescriptor)
                          .Build();

            var result = new OkResult();

            context.Result = result;

            var filter = new TestFilter();
            await filter.OnAuthorizationAsync(context);

            context.Result.Should().Be(result);
        }