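/// <summary>
/// Creates a membership, but only for callers whose token resolves to the "admin" role.
/// </summary>
/// <param name="command">The bound command; it is forwarded to the mediator unchanged.</param>
/// <returns>
/// 200 with the mediator's result when the role is "admin"; otherwise 401 with an
/// <c>Error = "Unauthorized"</c> payload.
/// </returns>
public async Task<IActionResult> CreateMembership(CreateMembershipCommand command)
{
    // Fail closed: a request without a usable Authorization header is rejected here
    // instead of handing an empty value to the token helper.
    if (!Request.Headers.TryGetValue("Authorization", out var token) || string.IsNullOrWhiteSpace(token))
    {
        return StatusCode(401, new { Error = "Unauthorized" });
    }

    // The raw header value is passed through as-is.
    // NOTE(review): the whole authorization decision rests on GetRoleFromTokenAsync;
    // whether it strips the scheme prefix and validates signature and expiry is not
    // visible from here. Confirm.
    string role = await AuthHelper.GetRoleFromTokenAsync(token);

    // NOTE(review): authenticated callers without the admin role also receive 401;
    // 403 would be the conventional status, but it is left unchanged so existing
    // clients keep seeing the same response.
    if (role != "admin")
    {
        return StatusCode(401, new { Error = "Unauthorized" });
    }

    return Ok(await Mediator.Send(command));
}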
/// <summary>
/// Checks that handling a <c>CreateMembershipCommand</c> adds a group membership and a
/// recipient, commits the unit of work, and returns a non-null resource.
/// </summary>
/// <remarks>
/// The handler is invoked directly with <c>IsAdmin = true</c>, so this test does not cover
/// who is allowed to create such a membership. That has to be tested where it is enforced.
/// </remarks>
public async Task CreateMembershipCommandHandler_ShouldCreateMembership_AndReturnCreatedMembership()
{
    // Arrange
    var command = new CreateMembershipCommand
    {
        GroupId = 1,
        UserId = 1,
        IsAdmin = true
    };

    // Single-user data set served by the mocked Users repository.
    var users = new[]
    {
        new User { UserId = 1, UserName = "******" }
    };
    IQueryable<User> userQuery = users.AsQueryable().BuildMock().Object;

    _unitOfWorkMock
        .Setup(uow => uow.Users.GetById(It.IsAny<int>()))
        .Returns(userQuery);

    // Both repository writes complete immediately; the commit reports two affected rows.
    _unitOfWorkMock
        .Setup(uow => uow.GroupMemberships.Add(It.IsAny<GroupMembership>(), It.IsAny<CancellationToken>()))
        .Returns(Task.CompletedTask);
    _unitOfWorkMock
        .Setup(uow => uow.Recipients.Add(It.IsAny<Recipient>(), It.IsAny<CancellationToken>()))
        .Returns(Task.CompletedTask);
    _unitOfWorkMock
        .Setup(uow => uow.CommitAsync(It.IsAny<CancellationToken>()))
        .ReturnsAsync(2);

    var sut = new CreateMembershipCommand.Handler(_dateProviderMock.Object, _unitOfWorkMock.Object, _mapperMock);

    // Act
    var created = await sut.Handle(command);

    // Assert
    Assert.NotNull(created);

    _unitOfWorkMock.Verify(
        uow => uow.GroupMemberships.Add(It.IsAny<GroupMembership>(), It.IsAny<CancellationToken>()),
        Times.AtLeastOnce);
    _unitOfWorkMock.Verify(
        uow => uow.Recipients.Add(It.IsAny<Recipient>(), It.IsAny<CancellationToken>()),
        Times.AtLeastOnce);
    _unitOfWorkMock.Verify(
        uow => uow.CommitAsync(It.IsAny<CancellationToken>()),
        Times.AtLeastOnce);
}
/// <summary>
/// Adds a user to a group. The request passes through model validation, existence checks
/// for the group and the user, a permission check, and a duplicate check before the
/// membership is created.
/// </summary>
/// <param name="body">Request body carrying the target group ID and user ID.</param>
/// <param name="cancellationToken">Token forwarded to every mediator request.</param>
/// <returns>
/// 201 with the created membership; 400 for an invalid model; 404 when the group or the
/// user does not exist; 403 when the caller may not add members or when the membership
/// already exists.
/// </returns>
public async Task<ActionResult<GroupMembershipResource>> CreateMembership([FromBody] CreateMembershipBody body, CancellationToken cancellationToken = default)
{
    // Small builders so each rejection below reads as a single line.
    ActionResult<GroupMembershipResource> Missing(string message) =>
        NotFound(new ErrorResource
        {
            StatusCode = StatusCodes.Status404NotFound,
            Message = message
        });

    ActionResult<GroupMembershipResource> Forbidden(string message) =>
        StatusCode(StatusCodes.Status403Forbidden, new ErrorResource
        {
            StatusCode = StatusCodes.Status403Forbidden,
            Message = message
        });

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // NOTE(review): existence (404) is reported before permission (403) is evaluated, so
    // the status code tells a caller without the privilege whether an ID exists. Confirm
    // this is acceptable for this API.
    bool hasGroup = await _mediator.Send(new GroupExistsQuery { GroupId = body.GroupId }, cancellationToken);
    if (!hasGroup)
    {
        return Missing($"Group with ID '{body.GroupId}' does not exist");
    }

    bool hasUser = await _mediator.Send(new UserExistsQuery { UserId = body.UserId }, cancellationToken);
    if (!hasUser)
    {
        return Missing($"User with ID '{body.UserId}' does not exist");
    }

    // Permission gate. The query carries only the group ID; the caller's identity is
    // presumably resolved inside its handler. Verify.
    bool mayAdd = await _mediator.Send(new CanCreateMembershipQuery { GroupId = body.GroupId }, cancellationToken);
    if (!mayAdd)
    {
        return Forbidden("You are not permitted to add users to this group. " +
                         "This privilege is only granted to administrators of the group");
    }

    // Duplicate guard.
    // NOTE(review): this check and the create below are separate requests, so uniqueness
    // under concurrent calls depends on a constraint not visible here.
    var duplicateQuery = _mapper.Map<CreateMembershipBody, MembershipCombinationExistsQuery>(body);
    bool alreadyMember = await _mediator.Send(duplicateQuery, cancellationToken);
    if (alreadyMember)
    {
        return Forbidden("This user is already a member of this group");
    }

    // NOTE(review): the command is produced by mapping the request body. If the body
    // carries privilege-bearing fields, confirm that the caller is meant to set them.
    var command = _mapper.Map<CreateMembershipBody, CreateMembershipCommand>(body);
    var created = await _mediator.Send(command, cancellationToken);

    return CreatedAtAction(nameof(GetMembershipById), new { membershipId = created.GroupMembershipId }, created);
}