public async Task GetMemberUploadDataHandler_NotOrganisationUser_ThrowsSecurityException() { var denyingAuthorization = AuthorizationBuilder.CreateUserDeniedFromAccessingOrganisation(); var handler = new GetMemberUploadDataHandler(denyingAuthorization, A.Dummy <WeeeContext>(), A.Dummy <MemberUploadErrorMap>()); var message = new GetMemberUploadData(Guid.NewGuid(), Guid.NewGuid()); await Assert.ThrowsAsync <SecurityException>(async() => await handler.HandleAsync(message)); }
public async Task GetMemberUploadDataHandler_NotOrganisationUser_ThrowsSecurityException() { var denyingAuthorization = AuthorizationBuilder.CreateUserDeniedFromAccessingOrganisation(); var handler = new GetMemberUploadDataHandler(denyingAuthorization, A.Dummy<WeeeContext>(), A.Dummy<MemberUploadErrorMap>()); var message = new GetMemberUploadData(Guid.NewGuid(), Guid.NewGuid()); await Assert.ThrowsAsync<SecurityException>(async () => await handler.HandleAsync(message)); }
public async Task <List <ErrorData> > HandleAsync(GetMemberUploadData message) { authorization.EnsureInternalOrOrganisationAccess(message.PcsId); var memberUpload = await context.MemberUploads.FirstOrDefaultAsync(m => m.Id == message.MemberUploadId); if (memberUpload == null) { throw new ArgumentNullException(string.Format("Could not find a MemberUpload with id {0}", message.MemberUploadId)); } if (memberUpload.OrganisationId != message.PcsId) { throw new ArgumentException(string.Format("Member upload {0} is not owned by PCS {1}", message.MemberUploadId, message.PcsId)); } return(memberUpload.Errors.OrderBy(e => e.LineNumber).Select(e => memberUploadErrorMap.Map(e)).ToList()); }