public async void GetAdminUserStatusHandler_WithNonExternalUser_ThrowsSecurityException(AuthorizationBuilder.UserType userType) { // Arrange Guid userId = new Guid("AC9116BC-5732-4F80-9AED-A6E2A0C4C1F1"); IGetAdminUserDataAccess dataAccess = A.Fake <IGetAdminUserDataAccess>(); Domain.Admin.CompetentAuthorityUser user = A.Fake <Domain.Admin.CompetentAuthorityUser>(); A.CallTo(() => dataAccess.GetAdminUserOrDefault(userId)).Returns(user); IWeeeAuthorization authorization = AuthorizationBuilder.CreateFromUserType(userType); var userMap = A.Fake <IMap <Domain.User.UserStatus, Core.Shared.UserStatus> >(); A.CallTo(() => userMap.Map(user.UserStatus)).Returns(UserStatus.Inactive); GetAdminUserStatusHandler handler = new GetAdminUserStatusHandler(dataAccess, userMap, authorization); GetAdminUserStatus request = new GetAdminUserStatus(userId.ToString()); // Act Func <Task <UserStatus> > action = () => handler.HandleAsync(request); // Assert await Assert.ThrowsAsync <SecurityException>(action); }
public async void GetSchemeByIdHandler_WithNonInternalUser_ThrowsSecurityException(AuthorizationBuilder.UserType userType) { // Arrage Guid schemeId = new Guid("AC9116BC-5732-4F80-9AED-A6E2A0C4C1F1"); ISchemeDataAccess dataAccess = A.Fake <ISchemeDataAccess>(); Scheme scheme = A.Fake <Scheme>(); A.CallTo(() => dataAccess.GetSchemeOrDefault(schemeId)).Returns(scheme); IWeeeAuthorization authorization = AuthorizationBuilder.CreateFromUserType(userType); var mapper = A.Fake <IMapper>(); SchemeData schemeData = A.Fake <SchemeData>(); A.CallTo(() => mapper.Map <Scheme, SchemeData>(scheme)) .Returns(schemeData); GetSchemeByIdHandler handler = new GetSchemeByIdHandler(dataAccess, mapper, authorization); GetSchemeById request = new GetSchemeById(schemeId); // Act Func <Task <SchemeData> > action = () => handler.HandleAsync(request); // Assert await Assert.ThrowsAsync <SecurityException>(action); }
public async Task HandleAsync_WithNonInternalAccess_ThrowsSecurityException(AuthorizationBuilder.UserType userType) { var handler = new CheckAatfApprovalDateChangeHandler(AuthorizationBuilder.CreateFromUserType(userType), aatfDataAccess, getAatfApprovalDateChangeStatus); Func <Task> action = async() => await handler.HandleAsync(A.Dummy <CheckAatfApprovalDateChange>()); await Assert.ThrowsAsync <SecurityException>(action); }
public async Task HandleAsync_WithNonInternalAccess_ThrowsSecurityException(AuthorizationBuilder.UserType userType) { var handler = new CheckAatfCanBeDeletedHandler(AuthorizationBuilder.CreateFromUserType(userType), aatfDeletionStatus, organisationDeletionStatus, aatfDataAccess); Func <Task> action = async() => await handler.HandleAsync(A.Dummy <CheckAatfCanBeDeleted>()); await Assert.ThrowsAsync <SecurityException>(action); }
public async Task OrganisationByIdHandler_NotInternalUser_ThrowsSecurityException() { var authorization = AuthorizationBuilder.CreateFromUserType(AuthorizationBuilder.UserType.External); var handler = new OrganisationInternalByIdHandler(authorization, context, map); var message = new GetInternalOrganisation(Guid.NewGuid()); await Assert.ThrowsAsync <SecurityException>(async() => await handler.HandleAsync(message)); }
public async Task HandleAsync_WithNonInternalAccess_ThrowsSecurityException(AuthorizationBuilder.UserType userType) { IWeeeAuthorization authorization = AuthorizationBuilder.CreateFromUserType(userType); UserManager <ApplicationUser> userManager = A.Fake <UserManager <ApplicationUser> >(); CheckApprovalNumberIsUniqueHandler handler = new CheckApprovalNumberIsUniqueHandler(authorization, dataAccess); Func <Task> action = async() => await handler.HandleAsync(A.Dummy <CheckApprovalNumberIsUnique>()); await Assert.ThrowsAsync <SecurityException>(action); }
public async Task HandleAsync_WithNonInternalAccess_ThrowsSecurityException(AuthorizationBuilder.UserType userType) { var authorization = AuthorizationBuilder.CreateFromUserType(userType); var userManager = A.Fake <UserManager <ApplicationUser> >(); var handler = new AddAatfRequestHandler(authorization, dataAccess, addressMapper, contactMapper, commonDataAccess); Func <Task> action = async() => await handler.HandleAsync(A.Dummy <AddAatf>()); await Assert.ThrowsAsync <SecurityException>(action); }
public async Task HandleAsync_WithNonInternalAccess_ThrowsSecurityException(AuthorizationBuilder.UserType userType) { IWeeeAuthorization authorization = AuthorizationBuilder.CreateFromUserType(userType); UserManager <ApplicationUser> userManager = A.Fake <UserManager <ApplicationUser> >(); CompleteOrganisationAdminHandler handler = new CompleteOrganisationAdminHandler(authorization, this.dataAccess); Func <Task> action = async() => await handler.HandleAsync(A.Dummy <CompleteOrganisationAdmin>()); await Assert.ThrowsAsync <SecurityException>(action); }
public async Task HandleAsync_WithNonInternalAccess_ThrowsSecurityException(AuthorizationBuilder.UserType userType) { // Arrange var authorization = AuthorizationBuilder.CreateFromUserType(userType); var dataAccess = A.Fake <IOrganisationDetailsDataAccess>(); var handler = new UpdateOrganisationDetailsHandler(dataAccess, authorization); // Act Func <Task> action = async() => await handler.HandleAsync(A.Dummy <UpdateOrganisationDetails>()); // Assert await Assert.ThrowsAsync <SecurityException>(action); }
public async void HandleAsync_WithNonInternalUser_ThrowSecurityException(AuthorizationBuilder.UserType userType) { // Arrange var authorization = AuthorizationBuilder.CreateFromUserType(userType); var emailService = A.Fake <IWeeeEmailService>(); SendTestEmailHandler handler = new SendTestEmailHandler(authorization, emailService); // Act Func <Task <bool> > action = () => handler.HandleAsync(A.Dummy <SendTestEmail>()); // Assert await Assert.ThrowsAsync <SecurityException>(action); }
public async Task HandleAsync_WithNonInternalAccess_ThrowsSecurityException(AuthorizationBuilder.UserType userType) { var authorization = AuthorizationBuilder.CreateFromUserType(userType); var userManager = A.Fake <UserManager <ApplicationUser> >(); var handler = new DeleteAatfHandler(authorization, aatfDataAccess, organisationDataAccess, weeeContext, getAatfDeletionStatus); Func <Task> action = async() => await handler.HandleAsync(A.Dummy <DeleteAnAatf>()); await Assert.ThrowsAsync <SecurityException>(action); }
public async Task VerifyOrganisationExistsHandler_InternalUser_PassesSecurityCheck() { var internalAuthorization = AuthorizationBuilder.CreateFromUserType(AuthorizationBuilder.UserType.Internal); var organisations = MakeOrganisation(); var context = A.Fake <WeeeContext>(); A.CallTo(() => context.Organisations).Returns(organisations); var handler = new VerifyOrganisationExistsHandler(internalAuthorization, context); var message = new VerifyOrganisationExists(Guid.NewGuid()); await handler.HandleAsync(message); A.CallTo(() => context.Organisations).MustHaveHappened(); }
public async Task HandleAsync_WithNonInternalAccess_ThrowsSecurityException(AuthorizationBuilder.UserType userType) { // Arrange IWeeeAuthorization authorization = AuthorizationBuilder.CreateFromUserType(userType); UserManager <ApplicationUser> userManager = A.Fake <UserManager <ApplicationUser> >(); var handler = new UpdateUserHandler(authorization, userManager); var request = new UpdateUser(Guid.NewGuid().ToString(), "TestFirstName", "TestLastName"); // Act Func <Task> action = async() => await handler.HandleAsync(request); // Assert await Assert.ThrowsAsync <SecurityException>(action); }
public async Task VerifyApprovalNumberExistsHandler_WithNonInternalUser_ThrowsSecurityException(AuthorizationBuilder.UserType userType) { // Arrange WeeeContext context = A.Fake <WeeeContext>(); IWeeeAuthorization authorization = AuthorizationBuilder.CreateFromUserType(userType); VerifyApprovalNumberExistsHandler handler = new VerifyApprovalNumberExistsHandler(context, authorization); VerifyApprovalNumberExists request = new VerifyApprovalNumberExists("approval number"); // Act Func <Task <bool> > action = () => handler.HandleAsync(request); // Assert await Assert.ThrowsAsync <SecurityException>(action); }
public async Task HandleAsync_WithNonInternalUser_ThrowSecurityException(AuthorizationBuilder.UserType userType) { // Arrange var authorization = AuthorizationBuilder.CreateFromUserType(userType); var handler = new GetSubmissionChangesCsvHandler( authorization, A.Dummy <IGetSubmissionChangesCsvDataAccess>(), A.Dummy <ICsvWriter <SubmissionChangesCsvData> >()); // Act Func <Task <CSVFileData> > action = () => handler.HandleAsync(A.Dummy <GetSubmissionChangesCsv>()); // Assert await Assert.ThrowsAsync <SecurityException>(action); }
public async Task SetSchemeStatusHandler_WithNonInternalUser_ThrowsSecurityException( AuthorizationBuilder.UserType userType) { // Arrange var authorization = AuthorizationBuilder.CreateFromUserType(userType); var handler = new SetSchemeStatusHandler(context, authorization); var schemeId = new Guid("3C367528-AE93-427F-A4C5-E23F0D317633"); var request = new SetSchemeStatus(schemeId, SchemeStatus.Approved); // Act Func <Task <Guid> > action = () => handler.HandleAsync(request); // Assert await Assert.ThrowsAsync <SecurityException>(action); }
public async Task HandleAsync_WithNonInternalUser_ThrowsSecurityException(AuthorizationBuilder.UserType userType) { // Arrange IGetProducerDetailsByRegisteredProducerIdDataAccess dataAccess = A.Dummy <IGetProducerDetailsByRegisteredProducerIdDataAccess>(); IWeeeAuthorization authorization = AuthorizationBuilder.CreateFromUserType(userType); GetProducerDetailsByRegisteredProducerIdHandler handler = new GetProducerDetailsByRegisteredProducerIdHandler(dataAccess, authorization); Requests.Admin.GetProducerDetailsByRegisteredProducerId request = new Requests.Admin.GetProducerDetailsByRegisteredProducerId(Guid.NewGuid()); // Act Func <Task <ProducerDetailsScheme> > action = async() => await handler.HandleAsync(request); // Assert await Assert.ThrowsAsync <SecurityException>(action); }
public async void GetSchemesHandler_WithNonInternalUser_ThrowsSecurityException(AuthorizationBuilder.UserType userType) { IGetSchemesDataAccess dataAccess = CreateFakeDataAccess(); IWeeeAuthorization authorization = AuthorizationBuilder.CreateFromUserType(userType); IMap <Scheme, SchemeData> schemeMap = CreateFakeSchemeMap(); GetSchemesHandler handler = new GetSchemesHandler(dataAccess, schemeMap, authorization); GetSchemes request = new GetSchemes(); // Act Func <Task <List <SchemeData> > > action = () => handler.HandleAsync(request); // Assert await Assert.ThrowsAsync <SecurityException>(action); }
public async Task HandleAsync_WithNonInternalUser_ThrowsSecurityException(AuthorizationBuilder.UserType userType) { // Arrange IGetProducerComplianceYearDataAccess dataAccess = A.Dummy <IGetProducerComplianceYearDataAccess>(); IWeeeAuthorization authorization = AuthorizationBuilder.CreateFromUserType(userType); GetProducerComplianceYearHandler handler = new GetProducerComplianceYearHandler(dataAccess, authorization); Requests.Admin.GetProducerComplianceYear request = new Requests.Admin.GetProducerComplianceYear() { RegistrationNumber = "WEE/AA1111AA" }; // Act Func <Task <List <int> > > action = async() => await handler.HandleAsync(request); // Assert await Assert.ThrowsAsync <SecurityException>(action); }
public async void GetUserDataHandler_WithNonInternalUser_ThrowSecurityException(AuthorizationBuilder.UserType userType) { // Arrange IGetManageUserDataAccess dataAccess = A.Fake <IGetManageUserDataAccess>(); A.CallTo(() => dataAccess.GetCompetentAuthorityUser(Guid.NewGuid())).Returns(new ManageUserData()); A.CallTo(() => dataAccess.GetOrganisationUser(Guid.NewGuid())).Returns(new ManageUserData()); IWeeeAuthorization authorization = AuthorizationBuilder.CreateFromUserType(userType); GetUserDataHandler handler = new GetUserDataHandler(userContext, authorization, dataAccess); GetUserData request = new GetUserData(Guid.NewGuid()); // Act Func <Task <ManageUserData> > action = () => handler.HandleAsync(request); // Assert await Assert.ThrowsAsync <SecurityException>(action); }
public async void FindMatchingUsersHandler_WithNonInternalUser_ThrowSecurityException(AuthorizationBuilder.UserType userType) { // Arrage IFindMatchingUsersDataAccess dataAccess = A.Fake <IFindMatchingUsersDataAccess>(); var filter = fixture.Create <UserFilter>(); A.CallTo(() => dataAccess.GetOrganisationUsers(filter)).Returns(new UserSearchData[5]); A.CallTo(() => dataAccess.GetCompetentAuthorityUsers(filter)).Returns(new UserSearchData[5]); IWeeeAuthorization authorization = AuthorizationBuilder.CreateFromUserType(userType); FindMatchingUsersHandler handler = new FindMatchingUsersHandler(authorization, dataAccess); FindMatchingUsers request = new FindMatchingUsers(1, 1, FindMatchingUsers.OrderBy.FullNameAscending, filter); // Act Func <Task <UserSearchDataResult> > action = () => handler.HandleAsync(request); // Assert await Assert.ThrowsAsync <SecurityException>(action); }