private static void CheckAuthorization(GetCommitmentRequest message, Domain.Entities.Commitment commitment)
{
switch (message.Caller.CallerType)
{
case CallerType.Provider:
if (commitment.ProviderId != message.Caller.Id)
{
throw new UnauthorizedException($"Provider {message.Caller.Id} not authorised to access commitment {message.CommitmentId}, expected provider {commitment.ProviderId}");
}
break;
case CallerType.TransferSender:
if (commitment.TransferSenderId != message.Caller.Id)
{
throw new UnauthorizedException($"Transfer Sender {message.Caller.Id} not authorised to access commitment {message.CommitmentId}, expected transfer sender {commitment.TransferSenderId}");
}
break;
case CallerType.Support:
break;
case CallerType.Employer:
default:
if (commitment.EmployerAccountId != message.Caller.Id)
{
throw new UnauthorizedException($"Employer {message.Caller.Id} not authorised to access commitment {message.CommitmentId}, expected employer {commitment.EmployerAccountId}");
}
break;
}
}
private void AssertMappingIsCorrect(Domain.Entities.Commitment argument)
{
argument.Reference.Should().Be(_exampleValidRequest.Commitment.Reference);
argument.EmployerAccountId.Should().Be(_exampleValidRequest.Commitment.EmployerAccountId);
argument.LegalEntityId.Should().Be(_exampleValidRequest.Commitment.LegalEntityId);
argument.LegalEntityAddress.Should().Be(_exampleValidRequest.Commitment.LegalEntityAddress);
argument.LegalEntityOrganisationType.Should().Be(_exampleValidRequest.Commitment.LegalEntityOrganisationType);
argument.ProviderId.Should().Be(_exampleValidRequest.Commitment.ProviderId);
argument.CommitmentStatus.Should().Be(CommitmentStatus.New);
argument.LastAction.Should().Be(LastAction.None);
argument.LastUpdatedByEmployerName.Should().Be(_exampleValidRequest.Commitment.LastUpdatedByEmployerName);
argument.LastUpdatedByEmployerEmail.Should().Be(_exampleValidRequest.Commitment.LastUpdatedByEmployerEmail);
argument.Apprenticeships.Should().BeEmpty();
}
