public void When_Request_Has_Verb_And_Permissions_DoesNot() { AddRoute(); var permissions = new AuthRoutePermissions( new Dictionary <string, AuthPermissions> { { "template", new AuthPermissions { Accepted = new List <string> { "write", "write2" } } } }, request => { _authResolverCalled = true; return(new List <string> { "write" }); }); var actual = permissions.IsAllowed(_postRequest); Assert.True(actual); var getActual = permissions.IsAllowed(_request); Assert.True(getActual); }
public void When_RouteTemplate_NotFound_Not_Allowed() { AddRoute(); var permissions = new AuthRoutePermissions(new Dictionary <string, AuthPermissions>(), request => { _authResolverCalled = true; return(new List <string>()); }); var actual = permissions.IsAllowed(_request); Assert.False(actual); Assert.False(_authResolverCalled); }
public void When_No_Route_Found_ShouldAllowUndefined_Called() { bool expected = true; var permissions = new AuthRoutePermissions(new Dictionary <string, AuthPermissions> { { "template", new AuthPermissions() } }, request => { _authResolverCalled = true; return(new List <string>()); }, r => { _shouldAllowUndefinedCalled = true; return(expected); }); var actual = permissions.IsAllowed(_request); Assert.Equal(expected, actual); Assert.True(_shouldAllowUndefinedCalled); }
public void When_Auth_Not_Required_And_Permissions_NotAllowed() { AddRoute(); var permissions = new AuthRoutePermissions( new Dictionary <string, AuthPermissions> { { "template", new AuthPermissions { Accepted = new List <string> { "read" }, AuthNotRequired = true } } }, request => { _authResolverCalled = true; return(new List <string>()); }); var actual = permissions.IsAllowed(_request); Assert.False(actual); }
public void When_RouteTemplate_Found_AuthResolver_Called() { AddRoute(); var permissions = new AuthRoutePermissions( new Dictionary <string, AuthPermissions> { { "template", new AuthPermissions { Accepted = new List <string> { "write " } } } }, request => { _authResolverCalled = true; return(new List <string>()); }); var actual = permissions.IsAllowed(_request); Assert.False(actual); Assert.True(_authResolverCalled); }