Пример #1
0
 private void GivenRole()
 {
     _roleApiModel = new RoleApiModel
     {
         Name = "stub-create-delete-user-name"
     };
 }
Пример #2
0
        private async Task WhenSpecifiedRoleRequestedById()
        {
            var actionResult = await _roleController.Get(_databaseRole.Id);

            var jsonResult = (JsonResult)actionResult;

            _roleApiModel = (RoleApiModel)jsonResult.Value;
        }
Пример #3
0
        public async Task Post_ReturnsOkResult_WhenModelIsValid()
        {
            var model = new RoleApiModel();

            var result = await _sut.Post(model);

            Assert.IsType(typeof(OkResult), result);
        }
Пример #4
0
        public void AddRole_ReturnsForbidden(RoleApiModel roleToPost, string scope)
        {
            var existingClient = ExistingClients.First();
            var rolesModule    = CreateBrowser(new Claim(Claims.Scope, scope),
                                               new Claim(Claims.ClientId, existingClient.Id));
            var result = rolesModule.Post($"/roles", with => with.JsonBody(roleToPost)).Result;

            Assert.Equal(HttpStatusCode.Forbidden, result.StatusCode);
        }
Пример #5
0
        public async Task <RoleApiModel> AddRole(string accessToken, RoleApiModel roleModel)
        {
            var message = new HttpRequestMessage(HttpMethod.Post, new RoleRouteBuilder().Route)
                          .AddContent(roleModel)
                          .AddAcceptHeader()
                          .AddBearerToken(accessToken);

            return(await SendAndParseJson <RoleApiModel>(message).ConfigureAwait(false));
        }
Пример #6
0
        public async Task Post_CallsCreateMethod_WhenModelIsValid()
        {
            var model = new RoleApiModel {
                Name = "role-stub"
            };

            await _sut.Post(model);

            _roleServiceMock.Verify(accountService => accountService.CreateAsync(model.Name), Times.Once);
        }
Пример #7
0
        private async Task RegisterRole()
        {
            var response = await this.PostWithJsonBody(this._authorizationClient.BaseAddress, "/roles", FunctionalTestHelpers.RoleHcAdmin, this._installerAccessToken).ConfigureAwait(false);

            Assert.Equal(System.Net.HttpStatusCode.Created, response.StatusCode);
            string responseString = await response.Content.ReadAsStringAsync();

            RoleApiModel responseRole = responseString.FromJson <RoleApiModel>();

            this._roleId = responseRole.Id;
        }
Пример #8
0
        private async Task RemoveRoleFromGroupAsync(GroupRoleApiModel group, RoleApiModel role)
        {
            var groupRoleResponse = await _browser.Delete($"/groups/{group.GroupName}/roles", with =>
            {
                with.HttpRequest();
                with.JsonBody(new[] {
                    new { RoleId = role.Id }
                });
            });

            Assert.Equal(HttpStatusCode.OK, groupRoleResponse.StatusCode);
        }
Пример #9
0
        private async Task RemoveUserFromRoleAsync(UserApiModel user, RoleApiModel role)
        {
            var userRole = await _browser.Delete($"/user/{user.IdentityProvider}/{user.SubjectId}/roles", with =>
            {
                with.HttpRequest();
                with.JsonBody(new[] {
                    role
                });
            });

            Assert.Equal(HttpStatusCode.OK, userRole.StatusCode);
        }
Пример #10
0
        public async Task <IActionResult> Post([FromBody] RoleApiModel roleApiModel)
        {
            if (ModelState.IsValid)
            {
                await _roleService.CreateAsync(roleApiModel.Name);

                _logger.LogInformation($"New role {roleApiModel.Name} was created");

                return(Ok());
            }

            return(BadRequest(ModelState));
        }
Пример #11
0
        private async Task AssociateUserToRoleAsync(UserApiModel user, RoleApiModel role)
        {
            var groupRoleResponse = await _browser.Post($"/user/{user.IdentityProvider}/{user.SubjectId}/roles", with =>
            {
                with.HttpRequest();
                with.JsonBody(new[]
                {
                    role
                });
            });

            Assert.Equal(HttpStatusCode.OK, groupRoleResponse.StatusCode);
        }
Пример #12
0
        /// <inheritdoc/>
        public async Task CreateRoleAsync(RoleApiModel role, CancellationToken ct)
        {
            if (role == null)
            {
                throw new ArgumentNullException(nameof(role));
            }
            var uri     = new UriBuilder($"{_serviceUri}/v2/roles");
            var request = _httpClient.NewRequest(uri.Uri, Resource.Platform);

            _serializer.SerializeToRequest(request, role);
            var response = await _httpClient.PutAsync(request, ct).ConfigureAwait(false);

            response.Validate();
        }
Пример #13
0
        public void AddRole_ReturnsBadRequest(RoleApiModel roleToPost, int errorCount)
        {
            var existingClient = ExistingClients.First();
            var rolesModule    = CreateBrowser(new Claim(Claims.Scope, Scopes.WriteScope),
                                               new Claim(Claims.ClientId, existingClient.Id));
            var result = rolesModule.Post($"/roles", with => with.JsonBody(roleToPost)).Result;

            Assert.Equal(HttpStatusCode.BadRequest, result.StatusCode);
            var error = result.Body.DeserializeJson <Error>();

            Assert.NotNull(error);
            if (errorCount > 0)
            {
                Assert.Equal(errorCount, error.Details.Length);
            }
        }
Пример #14
0
        private async Task AssociateGroupToRoleAsync(GroupRoleApiModel group, RoleApiModel role)
        {
            var groupRoleResponse = await _browser.Post($"/groups/{group.GroupName}/roles", with =>
            {
                with.HttpRequest();
                with.JsonBody(new[]
                {
                    new
                    {
                        role.Grain,
                        role.SecurableItem,
                        role.Name,
                        role.Id
                    }
                });
            });

            Assert.Equal(HttpStatusCode.OK, groupRoleResponse.StatusCode);
        }
Пример #15
0
        public void AddRole_Succeeds()
        {
            var existingClient = ExistingClients.First();
            var rolesModule    = CreateBrowser(new Claim(Claims.Scope, Scopes.WriteScope),
                                               new Claim(Claims.ClientId, existingClient.Id));
            var roleToPost = new RoleApiModel
            {
                Grain         = "app",
                SecurableItem = existingClient.Id,
                Name          = "test"
            };
            var result = rolesModule.Post($"/roles", with => with.JsonBody(roleToPost)).Result;

            Assert.Equal(HttpStatusCode.Created, result.StatusCode);
            var newRole = result.Body.DeserializeJson <RoleApiModel>();

            Assert.Equal(roleToPost.Name, newRole.Name);
            Assert.NotNull(newRole.Id);
        }
Пример #16
0
        public async Task CreateRoleAsync(RoleApiModel roleApiModel)
        {
            if (ModelState.IsValid)
            {
                var role = new RoleModel
                {
                    Name = roleApiModel.Name
                };

                var result = await _roleManager.CreateAsync(role);

                if (result.Succeeded)
                {
                    _logger.LogInformation("New Role created");
                }
                else
                {
                    _logger.LogInformation("Role not created.");
                }
            }
        }
Пример #17
0
        public IHttpActionResult Get(int id, [FromUri] BaseApiParameterModel param)
        {
            try
            {
                if (id <= 0)
                {
                    return(BadRequest(Messages.ApiIllegalParameter));
                }

                RoleModel model;
                model = dbContext.RoleModels.Where(x => x.Id == id).SingleOrDefault();
                if (model == null)
                {
                    return(NotFound());
                }

                RoleApiModel result = Mapper.Map <RoleApiModel>(model);
                return(Ok(result));
            }
            catch (Exception ex)
            {
                return(InternalServerError(ex));
            }
        }
Пример #18
0
        public void TestInheritance_Success()
        {
            var group = Group1;

            // Adding permissions
            var post = this.Browser.Post("/permissions", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                with.FormValue("Grain", "app");
                with.FormValue("SecurableItem", "userprincipal");
                with.FormValue("Name", "greatgrandfatherpermissions");
            }).Result;

            var ggfperm = post.Body.DeserializeJson <PermissionApiModel>();

            post = this.Browser.Post("/permissions", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                with.FormValue("Grain", "app");
                with.FormValue("SecurableItem", "userprincipal");
                with.FormValue("Name", "grandfatherpermissions");
            }).Result;

            var gfperm = post.Body.DeserializeJson <PermissionApiModel>();

            post = this.Browser.Post("/permissions", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                with.FormValue("Grain", "app");
                with.FormValue("SecurableItem", "userprincipal");
                with.FormValue("Name", "fatherpermissions");
            }).Result;

            var fperm = post.Body.DeserializeJson <PermissionApiModel>();

            post = this.Browser.Post("/permissions", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                with.FormValue("Grain", "app");
                with.FormValue("SecurableItem", "userprincipal");
                with.FormValue("Name", "himselfpermissions");
            }).Result;

            var hsperm = post.Body.DeserializeJson <PermissionApiModel>();

            post = this.Browser.Post("/permissions", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                with.FormValue("Grain", "app");
                with.FormValue("SecurableItem", "userprincipal");
                with.FormValue("Name", "sonpermissions");
            }).Result;

            var sonperm = post.Body.DeserializeJson <PermissionApiModel>();

            // Adding Roles
            var role = new RoleApiModel()
            {
                Grain         = "app",
                SecurableItem = "userprincipal",
                Name          = "greatgrandfather",
                Permissions   = new List <PermissionApiModel> {
                    ggfperm
                }
            };

            post = this.Browser.Post("/roles", with => // -3
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                with.JsonBody(role);
            }).Result;

            var ggf = post.Body.DeserializeJson <RoleApiModel>();

            post = this.Browser.Post("/roles", with => // -2
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                role.Name        = "grandfather";
                role.ParentRole  = ggf.Id;
                role.Permissions = new List <PermissionApiModel> {
                    gfperm
                };
                with.JsonBody(role);
            }).Result;

            var gf = post.Body.DeserializeJson <RoleApiModel>();

            post = this.Browser.Post("/roles", with => // -1
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                role.Name        = "father";
                role.ParentRole  = gf.Id;
                role.Permissions = new List <PermissionApiModel> {
                    fperm
                };
                with.JsonBody(role);
            }).Result;

            var f = post.Body.DeserializeJson <RoleApiModel>();

            post = this.Browser.Post("/roles", with => // 0
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                role.Name        = "himself";
                role.ParentRole  = f.Id;
                role.Permissions = new List <PermissionApiModel> {
                    hsperm
                };
                with.JsonBody(role);
            }).Result;

            var hs = post.Body.DeserializeJson <RoleApiModel>();

            post = this.Browser.Post("/roles", with => // 1
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                role.Name        = "son";
                role.ParentRole  = hs.Id;
                role.Permissions = new List <PermissionApiModel> {
                    sonperm
                };
                with.JsonBody(role);
            }).Result;

            post.Body.DeserializeJson <RoleApiModel>();

            // Adding groups
            this.Browser.Post("/groups", with =>
            {
                with.HttpRequest();
                with.FormValue("Id", group);
                with.FormValue("GroupName", group);
                with.FormValue("GroupSource", Source1);
                with.Header("Accept", "application/json");
            }).Wait();

            this.Browser.Post($"/groups/{group}/roles", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                with.FormValue("Id", hs.Identifier);
                with.Header("Accept", "application/json");
            }).Wait();

            // Get the permissions
            var get = this.Browser.Get("/user/permissions", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
            }).Result;

            Assert.Equal(HttpStatusCode.OK, get.StatusCode);
            Assert.True(get.Body.AsString().Contains("greatgrandfatherpermissions"));
            Assert.True(get.Body.AsString().Contains("grandfatherpermissions"));
            Assert.True(get.Body.AsString().Contains("fatherpermissions"));
            Assert.True(get.Body.AsString().Contains("himselfpermissions"));
            Assert.False(get.Body.AsString().Contains("sonpermissions"));
        }
Пример #19
0
        public void TestRoleBlacklist_Success()
        {
            // Adding permissions
            var post = this.Browser.Post("/permissions", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                with.FormValue("Grain", "app");
                with.FormValue("SecurableItem", "userprincipal");
                with.FormValue("Name", "viewpatient");
            }).Result;

            var viewPatientPermission = post.Body.DeserializeJson <PermissionApiModel>();

            post = this.Browser.Post("/permissions", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                with.FormValue("Grain", "app");
                with.FormValue("SecurableItem", "userprincipal");
                with.FormValue("Name", "editpatient");
            }).Result;

            var editPatientPermission = post.Body.DeserializeJson <PermissionApiModel>();


            // Adding roles
            var role = new RoleApiModel()
            {
                Grain         = "app",
                SecurableItem = "userprincipal",
                Name          = "viewer",
                Permissions   = new List <PermissionApiModel> {
                    viewPatientPermission
                }
            };

            post = this.Browser.Post("/roles", with => // -3
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                with.JsonBody(role);
            }).Result;

            var viewerRole = post.Body.DeserializeJson <RoleApiModel>();

            post = this.Browser.Post("/roles", with => // -2
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                role.Name        = "editor";
                role.Permissions = new List <PermissionApiModel>()
                {
                    editPatientPermission
                };

                // Role denies viewPatient permission
                role.DeniedPermissions = new List <PermissionApiModel> {
                    viewPatientPermission
                };
                with.JsonBody(role);
            }).Result;

            var editorRole = post.Body.DeserializeJson <RoleApiModel>();

            // Adding groups
            this.Browser.Post("/groups", with =>
            {
                with.HttpRequest();
                with.FormValue("Id", Group1);
                with.FormValue("GroupName", Group1);
                with.FormValue("GroupSource", Source1);
                with.Header("Accept", "application/json");
            }).Wait();

            this.Browser.Post("/groups", with =>
            {
                with.HttpRequest();
                with.FormValue("Id", Group2);
                with.FormValue("GroupName", Group2);
                with.FormValue("GroupSource", Source2);
                with.Header("Accept", "application/json");
            }).Wait();

            this.Browser.Post($"/groups/{Group1}/roles", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                with.FormValue("Id", viewerRole.Identifier);
            }).Wait();

            this.Browser.Post($"/groups/{Group2}/roles", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                with.FormValue("Id", editorRole.Identifier);
            }).Wait();

            // Get the permissions
            var get = this.Browser.Get("/user/permissions", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
            }).Result;

            Assert.Equal(HttpStatusCode.OK, get.StatusCode);
            var permissions = get.Body.DeserializeJson <UserPermissionsApiModel>();

            Assert.Contains("app/userprincipal.editpatient", permissions.Permissions);
            Assert.DoesNotContain("app/userprincipal.viewpatient", permissions.Permissions); // Denied by role
            Assert.Equal(1, permissions.Permissions.Count());
        }
Пример #20
0
        public void TestUserDeniedPermissionHasPrecedence_Success()
        {
            // Adding permissions
            var post = this.Browser.Post("/permissions", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                with.FormValue("Grain", "app");
                with.FormValue("SecurableItem", "userprincipal");
                with.FormValue("Name", "viewpatient");
            }).Result;

            var viewPatientPermission = post.Body.DeserializeJson <PermissionApiModel>();

            post = this.Browser.Post("/permissions", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                with.FormValue("Grain", "app");
                with.FormValue("SecurableItem", "userprincipal");
                with.FormValue("Name", "editpatient");
            }).Result;

            var editPatientPermission = post.Body.DeserializeJson <PermissionApiModel>();

            // Adding roles
            var role = new RoleApiModel()
            {
                Grain         = "app",
                SecurableItem = "userprincipal",
                Name          = "viewer",
                Permissions   = new List <PermissionApiModel> {
                    viewPatientPermission
                }
            };

            post = this.Browser.Post("/roles", with => // -3
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                with.JsonBody(role);
            }).Result;

            var viewerRole = post.Body.DeserializeJson <RoleApiModel>();

            post = this.Browser.Post("/roles", with => // -2
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                role.Name        = "editor";
                role.Permissions = new List <PermissionApiModel> {
                    editPatientPermission
                };
                with.JsonBody(role);
            }).Result;

            var editorRole = post.Body.DeserializeJson <RoleApiModel>();

            // Adding groups
            this.Browser.Post("/groups", with =>
            {
                with.HttpRequest();
                with.FormValue("Id", Group1);
                with.FormValue("GroupName", Group1);
                with.FormValue("GroupSource", Source1);
                with.Header("Accept", "application/json");
            }).Wait();

            this.Browser.Post("/groups", with =>
            {
                with.HttpRequest();
                with.FormValue("Id", Group2);
                with.FormValue("GroupName", Group2);
                with.FormValue("GroupSource", Source2);
                with.Header("Accept", "application/json");
            }).Wait();

            this.Browser.Post($"/groups/{Group1}/roles", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                with.FormValue("Id", viewerRole.Identifier);
            }).Wait();

            this.Browser.Post($"/groups/{Group2}/roles", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                with.FormValue("Id", editorRole.Identifier);
            }).Wait();

            // Adding same permission to blacklist and whitellist
            string subjectId = "userprincipal";

            editPatientPermission.PermissionAction = PermissionAction.Deny;

            this.Browser.Post($"/user/{IdentityProvider}/{subjectId}/permissions", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                var perms = new List <PermissionApiModel> {
                    editPatientPermission
                };
                with.JsonBody(perms);
            }).Wait();

            var modifyPatientPermission = new PermissionApiModel()
            {
                Grain         = "app",
                SecurableItem = "userprincipal",
                Name          = "modifypatient"
            };

            modifyPatientPermission.PermissionAction = PermissionAction.Allow;

            this.Browser.Post($"/user/{IdentityProvider}/{subjectId}/permissions", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                var perms = new List <PermissionApiModel> {
                    editPatientPermission, modifyPatientPermission
                };
                with.JsonBody(perms);
            }).Wait();

            // Get the permissions
            var get = this.Browser.Get("/user/permissions", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
            }).Result;

            Assert.Equal(HttpStatusCode.OK, get.StatusCode);
            var permissions = get.Body.DeserializeJson <UserPermissionsApiModel>();

            Assert.Contains("app/userprincipal.viewpatient", permissions.Permissions);       // from role
            Assert.Contains("app/userprincipal.modifypatient", permissions.Permissions);     // only whitelisted
            Assert.DoesNotContain("app/userprincipal.editpatient", permissions.Permissions); // from role & backlisted & whitelisted
            Assert.Equal(2, permissions.Permissions.Count());

            // Deny modifypatient and try again
            modifyPatientPermission.PermissionAction = PermissionAction.Deny;

            this.Browser.Post($"/user/{IdentityProvider}/{subjectId}/permissions", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                var perms = new List <PermissionApiModel>()
                {
                    editPatientPermission, modifyPatientPermission
                };
                with.JsonBody(perms);
            }).Wait();

            get = this.Browser.Get("/user/permissions", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
            }).Result;

            Assert.Equal(HttpStatusCode.OK, get.StatusCode);
            permissions = get.Body.DeserializeJson <UserPermissionsApiModel>();
            Assert.Contains("app/userprincipal.viewpatient", permissions.Permissions);         // from role
            Assert.DoesNotContain("app/userprincipal.modifypatient", permissions.Permissions); // backlisted & whitelisted
            Assert.DoesNotContain("app/userprincipal.editpatient", permissions.Permissions);   // from role & backlisted & whitelisted
            Assert.Equal(1, permissions.Permissions.Count());
        }
Пример #21
0
 public IHttpActionResult Put(int id, [FromBody] RoleApiModel value)
 {
     return(StatusCode(HttpStatusCode.MethodNotAllowed));
 }
Пример #22
0
        public void TestUserWhitelist_Success()
        {
            // Adding permissions
            var post = this.Browser.Post("/permissions", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                with.FormValue("Grain", "app");
                with.FormValue("SecurableItem", "userprincipal");
                with.FormValue("Name", "viewpatient");
            }).Result;

            var viewPatientPermission = post.Body.DeserializeJson <PermissionApiModel>();

            post = this.Browser.Post("/permissions", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                with.FormValue("Grain", "app");
                with.FormValue("SecurableItem", "userprincipal");
                with.FormValue("Name", "editpatient");
            }).Result;

            var editPatientPermission = post.Body.DeserializeJson <PermissionApiModel>();

            // Adding roles
            var role = new RoleApiModel()
            {
                Grain         = "app",
                SecurableItem = "userprincipal",
                Name          = "viewer",
                Permissions   = new List <PermissionApiModel> {
                    viewPatientPermission
                }
            };

            post = this.Browser.Post("/roles", with => // -3
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                with.JsonBody(role);
            }).Result;

            var viewerRole = post.Body.DeserializeJson <RoleApiModel>();

            post = this.Browser.Post("/roles", with => // -2
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                role.Name        = "editor";
                role.Permissions = new List <PermissionApiModel> {
                    editPatientPermission
                };
                with.JsonBody(role);
            }).Result;

            var editorRole = post.Body.DeserializeJson <RoleApiModel>();

            // Adding groups
            this.Browser.Post("/groups", with =>
            {
                with.HttpRequest();
                with.FormValue("Id", Group1);
                with.FormValue("GroupName", Group1);
                with.FormValue("GroupSource", Source1);
                with.Header("Accept", "application/json");
            }).Wait();

            this.Browser.Post("/groups", with =>
            {
                with.HttpRequest();
                with.FormValue("Id", Group2);
                with.FormValue("GroupName", Group2);
                with.FormValue("GroupSource", Source2);
                with.Header("Accept", "application/json");
            }).Wait();

            this.Browser.Post($"/groups/{Group1}/roles", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                with.FormValue("Id", viewerRole.Identifier);
            }).Wait();

            this.Browser.Post($"/groups/{Group2}/roles", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                with.FormValue("Id", editorRole.Identifier);
            }).Wait();

            // Adding permission (user also can modify patient, even though role doesn't)
            var modifyPatientPermission = new PermissionApiModel()
            {
                Grain            = "app",
                SecurableItem    = "userprincipal",
                Name             = "modifypatient",
                PermissionAction = PermissionAction.Allow
            };

            string subjectId = "userprincipal";

            this.Browser.Post($"/user/{IdentityProvider}/{subjectId}/permissions", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
                var perms = new List <PermissionApiModel> {
                    modifyPatientPermission
                };
                with.JsonBody(perms);
            }).Wait();

            // Get the permissions
            var get = this.Browser.Get("/user/permissions", with =>
            {
                with.HttpRequest();
                with.Header("Accept", "application/json");
            }).Result;

            Assert.Equal(HttpStatusCode.OK, get.StatusCode);
            var permissions = get.Body.DeserializeJson <UserPermissionsApiModel>();

            Assert.Contains("app/userprincipal.editpatient", permissions.Permissions);
            Assert.Contains("app/userprincipal.viewpatient", permissions.Permissions);
            Assert.Contains("app/userprincipal.modifypatient", permissions.Permissions);
            Assert.Equal(3, permissions.Permissions.Count());
        }