public async Task <IActionResult> CreateMembership(CreateMembershipCommand command)
{
Request.Headers.TryGetValue("Authorization", out var token);
string role = await AuthHelper.GetRoleFromTokenAsync(token);
return(role == "admin" ? Ok(await Mediator.Send(command)) : StatusCode(401, new { Error = "Unauthorized" }));
}
public async Task CreateMembershipCommandHandler_ShouldCreateMembership_AndReturnCreatedMembership()
{
// Arrange
CreateMembershipCommand request = new CreateMembershipCommand
{
GroupId = 1,
UserId = 1,
IsAdmin = true
};
IEnumerable <User> expectedUsers = new[]
{
new User
{
UserId = 1,
UserName = "******"
}
};
IQueryable <User> queryableMock = expectedUsers
.AsQueryable()
.BuildMock()
.Object;
_unitOfWorkMock
.Setup(m => m.GroupMemberships.Add(It.IsAny <GroupMembership>(), It.IsAny <CancellationToken>()))
.Returns(Task.CompletedTask);
_unitOfWorkMock
.Setup(m => m.Recipients.Add(It.IsAny <Recipient>(), It.IsAny <CancellationToken>()))
.Returns(Task.CompletedTask);
_unitOfWorkMock
.Setup(m => m.CommitAsync(It.IsAny <CancellationToken>()))
.ReturnsAsync(2);
_unitOfWorkMock
.Setup(m => m.Users.GetById(It.IsAny <int>()))
.Returns(queryableMock);
CreateMembershipCommand.Handler handler = new CreateMembershipCommand.Handler(_dateProviderMock.Object, _unitOfWorkMock.Object, _mapperMock);
// Act
GroupMembershipResource membership = await handler.Handle(request);
// Assert
Assert.NotNull(membership);
_unitOfWorkMock
.Verify(m => m.GroupMemberships.Add(It.IsAny <GroupMembership>(), It.IsAny <CancellationToken>()), Times.AtLeastOnce);
_unitOfWorkMock
.Verify(m => m.Recipients.Add(It.IsAny <Recipient>(), It.IsAny <CancellationToken>()), Times.AtLeastOnce);
_unitOfWorkMock
.Verify(m => m.CommitAsync(It.IsAny <CancellationToken>()), Times.AtLeastOnce);
}
public async Task <ActionResult <GroupMembershipResource> > CreateMembership([FromBody] CreateMembershipBody body, CancellationToken cancellationToken = default)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
// Check if the provided group exists
GroupExistsQuery groupExistsQuery = new GroupExistsQuery {
GroupId = body.GroupId
};
bool groupExists = await _mediator.Send(groupExistsQuery, cancellationToken);
if (!groupExists)
{
return(NotFound(new ErrorResource
{
StatusCode = StatusCodes.Status404NotFound,
Message = $"Group with ID '{body.GroupId}' does not exist"
}));
}
// Check if the provided user exists
UserExistsQuery userExistsQuery = new UserExistsQuery {
UserId = body.UserId
};
bool userExists = await _mediator.Send(userExistsQuery, cancellationToken);
if (!userExists)
{
return(NotFound(new ErrorResource
{
StatusCode = StatusCodes.Status404NotFound,
Message = $"User with ID '{body.UserId}' does not exist"
}));
}
// Check if the current user is permitted to create memberships in this group
CanCreateMembershipQuery canCreateQuery = new CanCreateMembershipQuery {
GroupId = body.GroupId
};
bool canCreate = await _mediator.Send(canCreateQuery, cancellationToken);
if (!canCreate)
{
return(StatusCode(StatusCodes.Status403Forbidden, new ErrorResource
{
StatusCode = StatusCodes.Status403Forbidden,
Message = "You are not permitted to add users to this group. This privilege is only granted to administrators of the group"
}));
}
// Check if such a membership does not already exist
MembershipCombinationExistsQuery membershipExistsQuery = _mapper.Map <CreateMembershipBody, MembershipCombinationExistsQuery>(body);
bool membershipExists = await _mediator.Send(membershipExistsQuery, cancellationToken);
if (membershipExists)
{
return(StatusCode(StatusCodes.Status403Forbidden, new ErrorResource
{
StatusCode = StatusCodes.Status403Forbidden,
Message = "This user is already a member of this group"
}));
}
CreateMembershipCommand createCommand = _mapper.Map <CreateMembershipBody, CreateMembershipCommand>(body);
GroupMembershipResource membership = await _mediator.Send(createCommand, cancellationToken);
return(CreatedAtAction(nameof(GetMembershipById), new { membershipId = membership.GroupMembershipId }, membership));
}
