// Verifies the happy path of role assignment on a data processing registration:
// the assign request returns 200 OK, the assignment shows up on the registration DTO,
// and the assigned user is no longer offered as a candidate for the same role.
public async Task Can_Assign_Role()
{
    //Arrange
    var dpr = await DataProcessingRegistrationHelper.CreateAsync(TestEnvironment.DefaultOrganizationId, A<string>());
    var selectedRole = (await DataProcessingRegistrationHelper.GetAvailableRolesAsync(dpr.Id)).First();
    var selectedUser = (await DataProcessingRegistrationHelper.GetAvailableUsersAsync(dpr.Id, selectedRole.Id)).First();

    //Act
    using var assignResponse = await DataProcessingRegistrationHelper.SendAssignRoleRequestAsync(dpr.Id, selectedRole.Id, selectedUser.Id);

    //Assert response
    Assert.Equal(HttpStatusCode.OK, assignResponse.StatusCode);

    //Assert role is in the DTO (re-read the registration so the check is made against persisted state)
    var refreshed = await DataProcessingRegistrationHelper.GetAsync(dpr.Id);
    var assignment = Assert.Single(refreshed.AssignedRoles);
    Assert.Equal(selectedUser.Id, assignment.User.Id);
    Assert.Equal(selectedRole.Id, assignment.Role.Id);

    //Assert query endpoint now excludes possible duplicate
    var remainingCandidates = await DataProcessingRegistrationHelper.GetAvailableUsersAsync(refreshed.Id, selectedRole.Id);
    Assert.Empty(remainingCandidates.Where(candidate => candidate.Id == selectedUser.Id));
}
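// Verifies that an assigned role can be removed again: the remove request returns 200 OK
// and the registration DTO no longer lists any assigned roles.
public async Task Can_Remove_Role()
{
    //Arrange
    var registration = await DataProcessingRegistrationHelper.CreateAsync(TestEnvironment.DefaultOrganizationId, A<string>());
    var businessRoleDtos = await DataProcessingRegistrationHelper.GetAvailableRolesAsync(registration.Id);
    var role = businessRoleDtos.First();
    var availableUsers = await DataProcessingRegistrationHelper.GetAvailableUsersAsync(registration.Id, role.Id);
    var user = availableUsers.First();
    using var response = await DataProcessingRegistrationHelper.SendAssignRoleRequestAsync(registration.Id, role.Id, user.Id);

    // Guard the precondition: if the assignment itself failed, report that here instead of
    // letting it surface as a misleading failure of the remove request below.
    Assert.Equal(HttpStatusCode.OK, response.StatusCode);

    //Act
    using var removeResponse = await DataProcessingRegistrationHelper.SendRemoveRoleRequestAsync(registration.Id, role.Id, user.Id);

    //Assert response
    Assert.Equal(HttpStatusCode.OK, removeResponse.StatusCode);

    //Assert that the role is no longer in the DTO
    registration = await DataProcessingRegistrationHelper.GetAsync(registration.Id);
    Assert.Empty(registration.AssignedRoles);
}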
// Verifies that a freshly created data processing registration offers at least one role
// that can be assigned.
public async Task Can_Get_Available_Roles()
{
    //Arrange
    var organizationId = TestEnvironment.DefaultOrganizationId;
    var dpr = await DataProcessingRegistrationHelper.CreateAsync(organizationId, A<string>());

    //Act
    var assignableRoles = await DataProcessingRegistrationHelper.GetAvailableRolesAsync(dpr.Id);

    //Assert
    Assert.NotEmpty(assignableRoles);
}
// Verifies that assigning a role to a user id outside the set of valid candidates is rejected
// with 400 Bad Request.
// NOTE(review): int.MaxValue is presumably an id that matches no user at all, so this covers the
// "unknown user" case. An existing user who belongs to a different organization is not exercised
// here - confirm that case is covered elsewhere, since it is the one the test name describes.
public async Task Cannot_Assign_Role_To_User_Not_In_Organization()
{
    //Arrange
    var dpr = await DataProcessingRegistrationHelper.CreateAsync(TestEnvironment.DefaultOrganizationId, A<string>());
    var anyRole = (await DataProcessingRegistrationHelper.GetAvailableRolesAsync(dpr.Id)).First();
    const int userIdOutsideOrganization = int.MaxValue;

    //Act
    using var rejectedResponse = await DataProcessingRegistrationHelper.SendAssignRoleRequestAsync(dpr.Id, anyRole.Id, userIdOutsideOrganization);

    //Assert response
    Assert.Equal(HttpStatusCode.BadRequest, rejectedResponse.StatusCode);
}
// Verifies that at least one user is offered as a candidate for a role on a freshly created
// data processing registration.
public async Task Can_Get_Available_Users()
{
    //Arrange
    var dpr = await DataProcessingRegistrationHelper.CreateAsync(TestEnvironment.DefaultOrganizationId, A<string>());
    var anyRole = (await DataProcessingRegistrationHelper.GetAvailableRolesAsync(dpr.Id)).First();

    //Act
    var candidates = await DataProcessingRegistrationHelper.GetAvailableUsersAsync(dpr.Id, anyRole.Id);

    //Assert
    Assert.NotEmpty(candidates);
}
// Verifies that removing a role assignment that was never made is rejected with
// 400 Bad Request rather than being reported as a success.
public async Task Cannot_Remove_Unassigned_Role()
{
    //Arrange
    var dpr = await DataProcessingRegistrationHelper.CreateAsync(TestEnvironment.DefaultOrganizationId, A<string>());
    var anyRole = (await DataProcessingRegistrationHelper.GetAvailableRolesAsync(dpr.Id)).First();
    var candidate = (await DataProcessingRegistrationHelper.GetAvailableUsersAsync(dpr.Id, anyRole.Id)).First();

    //Act - check on a registration where no role has been added yet
    using var rejectedResponse = await DataProcessingRegistrationHelper.SendRemoveRoleRequestAsync(dpr.Id, anyRole.Id, candidate.Id);

    //Assert response
    Assert.Equal(HttpStatusCode.BadRequest, rejectedResponse.StatusCode);
}
// Verifies that the same user cannot be assigned the same role twice on one registration:
// the first request returns 200 OK and the repeated request returns 409 Conflict.
public async Task Cannot_Assign_Duplicate_Role()
{
    //Arrange
    var dpr = await DataProcessingRegistrationHelper.CreateAsync(TestEnvironment.DefaultOrganizationId, A<string>());
    var anyRole = (await DataProcessingRegistrationHelper.GetAvailableRolesAsync(dpr.Id)).First();
    var candidate = (await DataProcessingRegistrationHelper.GetAvailableUsersAsync(dpr.Id, anyRole.Id)).First();
    using var firstAttempt = await DataProcessingRegistrationHelper.SendAssignRoleRequestAsync(dpr.Id, anyRole.Id, candidate.Id);

    //Act
    using var secondAttempt = await DataProcessingRegistrationHelper.SendAssignRoleRequestAsync(dpr.Id, anyRole.Id, candidate.Id);

    //Assert response
    Assert.Equal(HttpStatusCode.OK, firstAttempt.StatusCode);
    Assert.Equal(HttpStatusCode.Conflict, secondAttempt.StatusCode);
}
// Verifies that the read model follows removals on the source entity: after a role is assigned
// and then removed again, the read model for the registration lists no role assignments.
public async Task ReadModels_Update_When_Child_Entities_Are_Removed()
{
    //Arrange
    var dprName = A<string>();
    var orgId = TestEnvironment.DefaultOrganizationId;
    var dpr = await DataProcessingRegistrationHelper.CreateAsync(orgId, dprName);
    var anyRole = (await DataProcessingRegistrationHelper.GetAvailableRolesAsync(dpr.Id)).First();
    var candidate = (await DataProcessingRegistrationHelper.GetAvailableUsersAsync(dpr.Id, anyRole.Id)).First();

    // Assign, then let the read model queue drain before the next mutation
    using var assignResponse = await DataProcessingRegistrationHelper.SendAssignRoleRequestAsync(dpr.Id, anyRole.Id, candidate.Id);
    Assert.Equal(HttpStatusCode.OK, assignResponse.StatusCode);
    await WaitForReadModelQueueDepletion();

    // Remove, then wait again so the query below sees the rebuilt read model
    using var removeResponse = await DataProcessingRegistrationHelper.SendRemoveRoleRequestAsync(dpr.Id, anyRole.Id, candidate.Id);
    Assert.Equal(HttpStatusCode.OK, removeResponse.StatusCode);
    await WaitForReadModelQueueDepletion();

    //Act
    var matches = await DataProcessingRegistrationHelper.QueryReadModelByNameContent(orgId, dprName, 1, 0);
    var materialized = matches.ToList();

    //Assert
    var readModel = Assert.Single(materialized);
    Assert.Equal(dprName, readModel.Name);
    Assert.Equal(dpr.Id, readModel.SourceEntityId);
    Assert.Empty(readModel.RoleAssignments);
}
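// Authorization test: a user with the plain organization "User" role may only create advices on a
// data processing registration while holding a business role with write access on that registration.
// Expected sequence: 403 Forbidden before assignment, 201 Created while assigned, 403 Forbidden
// again once the role has been removed.
public async Task Write_Access_Business_Role_To_Owner_Root_Provides_Write_Access_To_Advices()
{
    //Arrange
    var registration = await DataProcessingRegistrationHelper.CreateAsync(TestEnvironment.DefaultOrganizationId, A<string>());
    var businessRoleDtos = await DataProcessingRegistrationHelper.GetAvailableRolesAsync(registration.Id);
    var writeAccessRole = businessRoleDtos.First(x => x.HasWriteAccess);
    var availableUsers = await DataProcessingRegistrationHelper.GetAvailableUsersAsync(registration.Id, writeAccessRole.Id);
    var readOnlyUserCredentials = TestEnvironment.GetCredentials(OrganizationRole.User);
    var readOnlyUser = availableUsers.First(x => x.Email.Equals(readOnlyUserCredentials.Username, StringComparison.OrdinalIgnoreCase));

    // The cookie is obtained once, before any role is assigned, and reused for every attempt below,
    // so the expected status changes depend on the current role assignment and not on a new login.
    var readOnlyUserCookie = await HttpApi.GetCookieAsync(OrganizationRole.User);
    var recipient = CreateDefaultEmailRecipient(CreateWellformedEmail());
    var advice = CreateDefaultAdvice(Scheduling.Day, AdviceType.Repeat, recipient);
    advice.RelationId = registration.Id;
    advice.Type = RelatedEntityType.dataProcessingRegistration;

    // ****************************************
    // ************* Act + assert *************
    // ****************************************

    // Before role has been assigned the user has no write access to the root
    await AssertAdviceCreationReturns(advice, readOnlyUserCookie, HttpStatusCode.Forbidden);

    using var assignResponse = await DataProcessingRegistrationHelper.SendAssignRoleRequestAsync(registration.Id, writeAccessRole.Id, readOnlyUser.Id);

    // Pin the grant step itself so a failed assignment is reported as such instead of as a
    // confusing 403 on the advice request that follows.
    Assert.Equal(HttpStatusCode.OK, assignResponse.StatusCode);

    // With the write-access role assigned, the user should be allowed to create advices (modify the root)
    await AssertAdviceCreationReturns(advice, readOnlyUserCookie, HttpStatusCode.Created);

    using var response = await DataProcessingRegistrationHelper.SendRemoveRoleRequestAsync(registration.Id, writeAccessRole.Id, readOnlyUser.Id);

    // Pin the revocation step as well: the final 403 is only meaningful evidence of revocation
    // if the remove request is known to have succeeded.
    Assert.Equal(HttpStatusCode.OK, response.StatusCode);

    //Removing the role should revert the assigned write access
    await AssertAdviceCreationReturns(advice, readOnlyUserCookie, HttpStatusCode.Forbidden);
}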
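// End-to-end check of the data processing registration read model: populates every field that the
// read model flattens (roles, basis for transfer, third-country transfer, data responsible,
// oversight, processors and sub processors, reference, system, contract), waits for the read model
// queue to drain, and then asserts each flattened value. Finally deletes the registration and
// asserts that the read model is no longer returned by the query.
public async Task ReadModels_Contain_Correct_Content()
{
    //Arrange
    var name = A<string>();
    var dpName = $"Dp:{name}";
    var subDpName = $"Sub_Dp:{name}";
    var systemName = $"SYSTEM:{name}";
    var contractName = $"CONTRACT:{name}";
    var refName = $"REF:{name}";
    var refUserAssignedId = $"REF:{name}EXT_ID";
    var refUrl = $"https://www.test-rm{A<uint>()}.dk";
    var refDisp = A<Display>();
    var organizationId = TestEnvironment.DefaultOrganizationId;
    var isAgreementConcluded = A<YesNoIrrelevantOption>();
    var oversightInterval = A<YearMonthIntervalOption>();
    var oversightCompleted = A<YesNoUndecidedOption>();
    var oversightDate = A<DateTime>();
    var oversightRemark = A<string>();

    Console.Out.WriteLine($"Testing in the context of DPR with name:{name}");

    var dataProcessor = await OrganizationHelper.CreateOrganizationAsync(organizationId, dpName, "22334455", OrganizationTypeKeys.Virksomhed, AccessModifier.Public);
    var subDataProcessor = await OrganizationHelper.CreateOrganizationAsync(organizationId, subDpName, "22314455", OrganizationTypeKeys.Virksomhed, AccessModifier.Public);
    var registration = await DataProcessingRegistrationHelper.CreateAsync(organizationId, name);
    await DataProcessingRegistrationHelper.SendChangeOversightIntervalOptionRequestAsync(registration.Id, oversightInterval);
    await DataProcessingRegistrationHelper.SendChangeIsOversightCompletedRequestAsync(registration.Id, oversightCompleted);

    //Role assignment
    var businessRoleDtos = await DataProcessingRegistrationHelper.GetAvailableRolesAsync(registration.Id);
    var role = businessRoleDtos.First();
    var availableUsers = await DataProcessingRegistrationHelper.GetAvailableUsersAsync(registration.Id, role.Id);
    var user = availableUsers.First();
    _testOutputHelper.WriteLine($"Attempting to assign user {user.Id}:{user.Email} as role {role.Id}:{role.Name} in dpr {registration.Id}:{registration.Name}");
    using var response = await DataProcessingRegistrationHelper.SendAssignRoleRequestAsync(registration.Id, role.Id, user.Id);
    Assert.Equal(HttpStatusCode.OK, response.StatusCode);

    //Basis for transfer
    var options = (await DataProcessingRegistrationHelper.GetBasisForTransferOptionsAsync(TestEnvironment.DefaultOrganizationId)).ToList();
    // Take the remainder first and the absolute value second: Math.Abs(int.MinValue) throws
    // OverflowException, whereas the remainder is always within (-Count, Count). The chosen
    // index is the same as before for every other value.
    var basisForTransfer = options[Math.Abs(A<int>() % options.Count)];
    using var assignResponse = await DataProcessingRegistrationHelper.SendAssignBasisForTransferRequestAsync(registration.Id, basisForTransfer.Id);
    Assert.Equal(HttpStatusCode.OK, assignResponse.StatusCode);

    //Enable and set third country
    var transferToThirdCountries = A<YesNoUndecidedOption>();
    using var setInsecureCountryStateResponse = await DataProcessingRegistrationHelper.SendSetUseTransferToInsecureThirdCountriesStateRequestAsync(registration.Id, transferToThirdCountries);
    Assert.Equal(HttpStatusCode.OK, setInsecureCountryStateResponse.StatusCode);

    //Set data responsible
    var dataOptions = await DataProcessingRegistrationHelper.GetAvailableOptionsRequestAsync(organizationId);
    var dataResponsibleOption = dataOptions.DataResponsibleOptions.First();
    using var setDataResponsibleResponse = await DataProcessingRegistrationHelper.SendAssignDataResponsibleRequestAsync(registration.Id, dataResponsibleOption.Id);
    Assert.Equal(HttpStatusCode.OK, setDataResponsibleResponse.StatusCode);

    //Set oversight option
    var oversightOption = dataOptions.OversightOptions.First();
    using var setOversightOptionResponse = await DataProcessingRegistrationHelper.SendAssignOversightOptionRequestAsync(registration.Id, oversightOption.Id);
    // Assert on the oversight-option response itself; the previous check re-asserted the
    // data-responsible response, so a failure of this request went unnoticed at this point.
    Assert.Equal(HttpStatusCode.OK, setOversightOptionResponse.StatusCode);

    //Enable and set sub processors
    using var setStateRequest = await DataProcessingRegistrationHelper.SendSetUseSubDataProcessorsStateRequestAsync(registration.Id, YesNoUndecidedOption.Yes);
    Assert.Equal(HttpStatusCode.OK, setStateRequest.StatusCode);

    using var sendAssignDataProcessorRequestAsync = await DataProcessingRegistrationHelper.SendAssignDataProcessorRequestAsync(registration.Id, dataProcessor.Id);
    Assert.Equal(HttpStatusCode.OK, sendAssignDataProcessorRequestAsync.StatusCode);

    using var sendAssignSubDataProcessorRequestAsync = await DataProcessingRegistrationHelper.SendAssignSubDataProcessorRequestAsync(registration.Id, subDataProcessor.Id);
    Assert.Equal(HttpStatusCode.OK, sendAssignSubDataProcessorRequestAsync.StatusCode);

    //Concluded state
    await DataProcessingRegistrationHelper.SendChangeIsAgreementConcludedRequestAsync(registration.Id, isAgreementConcluded);

    //Latest oversight date
    await DataProcessingRegistrationHelper.SendAssignOversightDateRequestAsync(registration.Id, oversightDate, oversightRemark);

    //References
    await ReferencesHelper.CreateReferenceAsync(refName, refUserAssignedId, refUrl, refDisp, dto => dto.DataProcessingRegistration_Id = registration.Id);

    //Systems
    var itSystemDto = await ItSystemHelper.CreateItSystemInOrganizationAsync(systemName, organizationId, AccessModifier.Public);
    var usage = await ItSystemHelper.TakeIntoUseAsync(itSystemDto.Id, organizationId);
    using var assignSystemResponse = await DataProcessingRegistrationHelper.SendAssignSystemRequestAsync(registration.Id, usage.Id);
    Assert.Equal(HttpStatusCode.OK, assignSystemResponse.StatusCode);

    //Contracts
    var contractDto = await ItContractHelper.CreateContract(contractName, organizationId);
    using var assignDataProcessingResponse = await ItContractHelper.SendAssignDataProcessingRegistrationAsync(contractDto.Id, registration.Id);
    Assert.Equal(HttpStatusCode.OK, assignDataProcessingResponse.StatusCode);

    //Wait for read model to rebuild (wait for the LAST mutation)
    await WaitForReadModelQueueDepletion();
    Console.Out.WriteLine("Read models are up to date");

    //Act
    var readModels = (await DataProcessingRegistrationHelper.QueryReadModelByNameContent(organizationId, name, 1, 0)).ToList();

    //Assert
    var readModel = Assert.Single(readModels);
    Console.Out.WriteLine("Read model found");
    Assert.Equal(name, readModel.Name);
    Assert.Equal(registration.Id, readModel.SourceEntityId);
    Assert.Equal(refName, readModel.MainReferenceTitle);
    Assert.Equal(refUrl, readModel.MainReferenceUrl);
    Assert.Equal(refUserAssignedId, readModel.MainReferenceUserAssignedId);
    Assert.Equal(oversightInterval, readModel.OversightInterval);
    Assert.Equal(oversightCompleted, readModel.IsOversightCompleted);
    Assert.Equal(dataProcessor.Name, readModel.DataProcessorNamesAsCsv);
    Assert.Equal(subDataProcessor.Name, readModel.SubDataProcessorNamesAsCsv);
    Assert.Equal(isAgreementConcluded, readModel.IsAgreementConcluded);
    Assert.Equal(transferToThirdCountries, readModel.TransferToInsecureThirdCountries);
    Assert.Equal(basisForTransfer.Name, readModel.BasisForTransfer);
    Assert.Equal(dataResponsibleOption.Name, readModel.DataResponsible);
    Assert.Equal(oversightOption.Name, readModel.OversightOptionNamesAsCsv);
    Assert.Equal(contractName, readModel.ContractNamesAsCsv);
    Assert.Equal(systemName, readModel.SystemNamesAsCsv);
    Assert.Equal(oversightDate, readModel.LatestOversightDate);
    Console.Out.WriteLine("Flat values asserted");

    Console.Out.WriteLine("Asserting role assignments");
    var roleAssignment = Assert.Single(readModel.RoleAssignments);
    Console.Out.WriteLine("Found one role assignment as expected");
    Assert.Equal(role.Id, roleAssignment.RoleId);
    Assert.Equal(user.Id, roleAssignment.UserId);
    Assert.Equal(user.Name, roleAssignment.UserFullName);
    Console.Out.WriteLine("Role data verified");

    //Assert that the source object can be deleted and that the readmodel is gone now
    // Dispose the delete response like every other response in this test.
    using var deleteResponse = await DataProcessingRegistrationHelper.SendDeleteRequestAsync(registration.Id);
    Assert.Equal(HttpStatusCode.OK, deleteResponse.StatusCode);

    // NOTE(review): no WaitForReadModelQueueDepletion() before this query - presumably the read
    // model is removed as part of the delete itself rather than through the queue; confirm.
    readModels = (await DataProcessingRegistrationHelper.QueryReadModelByNameContent(organizationId, name, 1, 0)).ToList();
    Assert.Empty(readModels);
}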