public void Should_not_have_delegate_set_for_violation_handler()
{
// Act
var policy = new DelegatePolicy(ValidPolicyName, ValidPolicyDelegate, null);
// Assert
Assert.That(policy.ViolationHandler, Is.Null);
}
public void Should_have_expected_delegate()
{
// Arrange
var expectedDelegate = ValidViolationHandlerDelegate;
// Act
var policy = new DelegatePolicy(ValidPolicyName, ValidPolicyDelegate, expectedDelegate);
// Assert
Assert.That(policy.ViolationHandler, Is.EqualTo(expectedDelegate));
}
public void Should_return_expected_name()
{
// Arrange
const string expectedName = "DelegatePolicyName";
var policy = new DelegatePolicy(expectedName, ValidPolicyDelegate, ValidViolationHandlerDelegate);
// Act
var name = policy.Name;
// Assert
Assert.That(name, Is.EqualTo(expectedName));
}
public void Should_be_successful_when_delegate_returns_success()
{
// Arrange
Func <DelegateSecurityContext, PolicyResult> successDelegate = c => PolicyResult.CreateSuccessResult(c.Policy);
var policy = new DelegatePolicy(ValidPolicyName, successDelegate, ValidViolationHandlerDelegate);
var context = TestDataFactory.CreateSecurityContext(true);
// Act
var result = policy.Enforce(context);
// Assert
Assert.That(result, Is.TypeOf <DelegatePolicyResult>());
Assert.That(result.ViolationOccured, Is.False);
}
public void Should_not_be_successful_when_delegate_returns_failure()
{
// Arrange
Func <DelegateSecurityContext, PolicyResult> failureDelegate = c => PolicyResult.CreateFailureResult(c.Policy, "Access denied");
var policy = new DelegatePolicy(ValidPolicyName, failureDelegate, ValidViolationHandlerDelegate);
var context = TestDataFactory.CreateSecurityContext(true);
// Act
var result = policy.Enforce(context);
// Assert
Assert.That(result, Is.TypeOf <DelegatePolicyResult>());
Assert.That(result.ViolationOccured, Is.True);
Assert.That(result.Message, Is.EqualTo("Access denied"));
}
public void Should_throw_when_no_violation_handler_has_been_set_and_no_violation_handler_match_name()
{
// Arrange
var violationHandlers = Enumerable.Empty <IPolicyViolationHandler>();
var failureResult = PolicyResult.CreateFailureResult(new IgnorePolicy(), "Access denied");
var policy = new DelegatePolicy("Test", c => failureResult);
var delegatePolicyResult = new DelegatePolicyResult(failureResult, policy.Name, policy.ViolationHandler);
var exception = new PolicyViolationException(delegatePolicyResult);
var handler = new DelegatePolicyViolationHandler(violationHandlers);
// Act & assert
var caughtException = Assert.Throws <PolicyViolationException>(() => handler.Handle(exception));
Assert.That(caughtException, Is.EqualTo(exception));
}
public void Should_return_action_result_from_explicitly_set_violation_handler()
{
// Arrange
var violationHandlers = Enumerable.Empty <IPolicyViolationHandler>();
var expectedResult = new ContentResult {
Content = "Some content"
};
var failureResult = PolicyResult.CreateFailureResult(new IgnorePolicy(), "Access denied");
var policy = new DelegatePolicy("Test", c => failureResult, e => expectedResult);
var delegatePolicyResult = new DelegatePolicyResult(failureResult, policy.Name, policy.ViolationHandler);
var exception = new PolicyViolationException(delegatePolicyResult);
var handler = new DelegatePolicyViolationHandler(violationHandlers);
// Act
var result = handler.Handle(exception);
// Assert
Assert.That(result, Is.EqualTo(expectedResult));
}
public void Should_pass_wrapped_security_context_to_delegate()
{
// Arrange
DelegateSecurityContext delegateContext = null;
Func <DelegateSecurityContext, PolicyResult> successDelegate = c =>
{
delegateContext = c;
return(PolicyResult.CreateSuccessResult(c.Policy));
};
var policy = new DelegatePolicy(ValidPolicyName, successDelegate, ValidViolationHandlerDelegate);
var context = TestDataFactory.CreateSecurityContext(true);
// Act
policy.Enforce(context);
// Assert
Assert.That(typeof(ISecurityContext).IsAssignableFrom(delegateContext.GetType()), Is.True);
Assert.That(delegateContext.CurrenUserAuthenticated(), Is.EqualTo(context.CurrenUserAuthenticated()));
Assert.That(delegateContext.CurrenUserRoles(), Is.EqualTo(context.CurrenUserRoles()));
}
public void Should_return_action_result_from_violation_handler_that_match_name()
{
// Arrange
var nonMatchingNameViolationHandler = new NonMatchingNameViolationHandler();
var matchingNameViolationHandler = new MatchingNameViolationHandler();
var violationHandlers = new List <IPolicyViolationHandler>
{
nonMatchingNameViolationHandler,
matchingNameViolationHandler
};
var failureResult = PolicyResult.CreateFailureResult(new IgnorePolicy(), "Access denied");
var policy = new DelegatePolicy("MatchingName", c => failureResult);
var delegatePolicyResult = new DelegatePolicyResult(failureResult, policy.Name, policy.ViolationHandler);
var exception = new PolicyViolationException(delegatePolicyResult);
var handler = new DelegatePolicyViolationHandler(violationHandlers);
// Act
var result = handler.Handle(exception);
// Assert
Assert.That(result, Is.EqualTo(matchingNameViolationHandler.ActionResult));
}
