Пример #1
        /// <summary>
        /// A filter configured with roles "a" and "b" lets the request continue for the user
        /// returned by UserSetup.GetUser("a", "b") (presumably a user holding both roles).
        /// </summary>
        public void RequiresAnyRole_UserWitAllRoles_ReturnsContinue()
        {
            // Arrange: the fake context carries the principal the filter will inspect.
            var context = new Fakes.FakeHttpContext
            {
                User = UserSetup.GetUser("a", "b")
            };
            var filter = new RequiresAnyRoleAttribute("a", "b");

            // Act
            var result = filter.ShouldContinue(context);

            // Assert: the positive path must not short-circuit the request.
            Assert.True(result.ShouldContinue);
        }
Пример #2
        /// <summary>
        /// A principal with no identity must be stopped by the filter, and the response code must
        /// be the one carried by ApiFilterRunResult.Unauthenticated.
        /// </summary>
        public void RequiresAnyRole_UnauthenticatedUser_ReturnsUnauthenticated()
        {
            // Arrange: an empty ClaimsPrincipal has no identity attached, i.e. nobody is logged in.
            var context = new Fakes.FakeHttpContext
            {
                User = new ClaimsPrincipal()
            };
            var filter = new RequiresAnyRoleAttribute("a", "b");

            // Act
            var result = filter.ShouldContinue(context);

            // Assert: pinning the response code keeps the "not logged in" outcome distinct from
            // the "logged in but lacking the role" outcome.
            Assert.False(result.ShouldContinue);
            Assert.Equal(ApiFilterRunResult.Unauthenticated.SetResponseCode, result.SetResponseCode);
        }
Пример #3
        /// <summary>
        /// The user returned by UserSetup.GetUser() with no role arguments must be stopped by a
        /// filter requiring "a" or "b", with the response code of ApiFilterRunResult.Unauthorized.
        /// </summary>
        public void RequiresAnyRole_UserWithoutRoles_ReturnsUnauthorized()
        {
            // Arrange: presumably an authenticated user that simply has no roles; verify in UserSetup.
            var context = new Fakes.FakeHttpContext
            {
                User = UserSetup.GetUser()
            };
            var filter = new RequiresAnyRoleAttribute("a", "b");

            // Act
            var result = filter.ShouldContinue(context);

            // Assert: the request is blocked and reported as unauthorized, not unauthenticated.
            Assert.False(result.ShouldContinue);
            Assert.Equal(ApiFilterRunResult.Unauthorized.SetResponseCode, result.SetResponseCode);
        }
Пример #4
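        /// <summary>
        /// Guards the subscription service: a request whose path belongs to it must be
        /// authenticated and, when GetRequiredRoles returns any roles for the request DTO,
        /// must pass RequiresAnyRoleAttribute.AssertRequiredRoles. Other requests are untouched.
        /// </summary>
        /// <param name="request">Incoming request; its PathInfo selects whether the guard applies.</param>
        /// <param name="response">Response that the authentication filter may end on failure.</param>
        /// <param name="dto">Request DTO handed through to the authentication filter.</param>
        internal void AuthorizeSubscriptionServiceRequests(IRequest request, IResponse response, object dto)
        {
            if (!IsSubscriptionService(request.PathInfo))
            {
                return;
            }

            new AuthenticateAttribute().Execute(request, response, dto);

            // The authentication filter is expected to report failure by ending the response
            // rather than by throwing (confirm for the framework version in use). Stop here in
            // that case so no role assertion runs against a request that was already rejected.
            if (response.IsClosed)
            {
                return;
            }

            // When no roles are configured, the authentication step above is the only gate.
            var requiredRoles = GetRequiredRoles(request.Dto);
            if (requiredRoles.Length > 0)
            {
                RequiresAnyRoleAttribute.AssertRequiredRoles(request, requiredRoles);
            }
        }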
Пример #5
        /// <summary>
        /// Constructing the attribute with a whitespace-only role name must be rejected with an
        /// ArgumentException (or a type derived from it).
        /// </summary>
        public void RequiresAnyRole_RolesContainsWhiteSpaceString_ThrowsException()
        {
            var rejected = false;

            try
            {
                // Only the constructor's validation is under test; the instance is not used.
                var unused = new RequiresAnyRoleAttribute("a", " ");
            }
            catch (ArgumentException)
            {
                rejected = true;
            }

            // A blank role name must never be accepted as a valid requirement.
            Assert.True(rejected);
        }
Пример #6
        /// <summary>
        /// Constructing the attribute without any role must be rejected with an
        /// ArgumentException (or a type derived from it).
        /// </summary>
        public void RequiresAnyRole_RolesAreEmptyArray_ThrowsException()
        {
            var rejected = false;

            try
            {
                // Only the constructor's validation is under test; the instance is not used.
                var unused = new RequiresAnyRoleAttribute();
            }
            catch (ArgumentException)
            {
                rejected = true;
            }

            // An attribute that names no roles must not be constructible.
            Assert.True(rejected);
        }
Пример #7
        /// <summary>
        /// Passing null as the constructor argument must be rejected with an
        /// ArgumentNullException.
        /// </summary>
        public void RequiresAnyRole_NullRoles_ThrowsException()
        {
            var rejected = false;

            try
            {
                // Only the constructor's validation is under test; the instance is not used.
                var unused = new RequiresAnyRoleAttribute(null);
            }
            catch (ArgumentNullException)
            {
                rejected = true;
            }

            // Only the null-specific exception counts; any other exception type escapes the
            // catch and fails the test.
            Assert.True(rejected);
        }
Пример #8
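        /// <summary>
        /// Guards the subscription service: a request whose DTO type belongs to it must be
        /// authenticated and, when GetRequiredRoles returns any roles for the request DTO,
        /// must pass RequiresAnyRoleAttribute.AssertRequiredRoles. Other requests are untouched.
        /// </summary>
        /// <param name="request">Incoming request; the runtime type of its Dto selects whether the guard applies.</param>
        /// <param name="response">Response that the authentication filter may end on failure.</param>
        /// <param name="dto">Request DTO handed through to the authentication filter.</param>
        public void AuthorizeSubscriptionServiceRequests(IRequest request, IResponse response, object dto)
        {
            if (!IsSubscriptionService(request.Dto.GetType()))
            {
                return;
            }

            // The authentication filter is asynchronous; it is run to completion here
            // (via AsyncHelper.RunSync) before any role check is made.
            var attribute = new AuthenticateAttribute();
            AsyncHelper.RunSync(() => attribute.ExecuteAsync(request, response, dto));

            // The authentication filter is expected to report failure by ending the response
            // rather than by throwing (confirm for the framework version in use). Stop here in
            // that case so no role assertion runs against a request that was already rejected.
            if (response.IsClosed)
            {
                return;
            }

            // When no roles are configured, the authentication step above is the only gate.
            var requiredRoles = GetRequiredRoles(request.Dto);
            if (requiredRoles.Length > 0)
            {
                RequiresAnyRoleAttribute.AssertRequiredRoles(request, requiredRoles);
            }
        }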