private static IHttpResponse ToPermission( ExceptionHttpResponseContext configuration, EntityPermissionApiEvent apiEvent) { var userId = configuration.Formatter.Field(apiEvent.UserId); var resource = configuration.Formatter.Resource(apiEvent.EntityType); var resourceId = configuration.Formatter.Field(apiEvent.EntityId); var message = $"The user with identifier '{apiEvent.UserId}', does not have permission to access the {resource} resource with identifier '{resourceId}'"; return(new ResourceAccessPermissionHttpResponse( message, configuration.Formatter.Code(apiEvent.Code), userId, resource, resourceId)); }
public async Task PermissionResultShouldReturn403( SampleServerFactory serverFactory, Mock <IHttpActionResultFactory> actionResultFactory, HttpRequestMessage request, EntityPermissionApiEvent apiEvent) { var result = new TestAutoResponseResult(request, apiEvent); actionResultFactory.Setup(f => f.Create(It.IsAny <HttpRequestMessage>())).Returns(result); using (var server = serverFactory .With <IHttpActionResultFactory>(actionResultFactory.Object) .Create()) { var response = await server.HttpClient.GetAsync("/api/result"); Assert.Equal(HttpStatusCode.Forbidden, response.StatusCode); } }