public async Task HasAccessAsyncTrue() { // Arrange _userManager.Setup(u => u.GetUserAsync(It.IsAny <ClaimsPrincipal>())) .ReturnsAsync(new DatabaseEntities.User()); _userManager.Setup(u => u.GetRolesAsync(It.IsAny <DatabaseEntities.User>())) .ReturnsAsync(new List <string> { CityAdminRoleName }); _repositoryWrapper.Setup(r => r.CityAdministration.GetFirstOrDefaultAsync(It.IsAny <Expression <Func <DatabaseEntities.CityAdministration, bool> > >(), null)) .ReturnsAsync(new DatabaseEntities.CityAdministration()); _repositoryWrapper.Setup(r => r.City.GetAllAsync(It.IsAny <Expression <Func <DatabaseEntities.City, bool> > >(), null)) .ReturnsAsync(new List <DatabaseEntities.City> { new DatabaseEntities.City() { ID = 1 } }); _mapper.Setup(m => m.Map <IEnumerable <DatabaseEntities.City>, IEnumerable <CityDTO> >(It.IsAny <IEnumerable <DatabaseEntities.City> >())) .Returns(new List <CityDTO> { new CityDTO() { ID = 1 } }); // Act var result = await _cityAccessService.HasAccessAsync(new User(), 1); // Assert Assert.True(result); }
///<inheritdoc/> public async Task <AnnualReportDTO> GetByIdAsync(User user, int id) { var annualReport = await _repositoryWrapper.AnnualReports.GetFirstOrDefaultAsync( predicate : a => a.ID == id, include : source => source .Include(a => a.NewCityAdmin) .Include(a => a.MembersStatistic) .Include(a => a.City)); return(await _cityAccessService.HasAccessAsync(user) ? _mapper.Map <AnnualReport, AnnualReportDTO>(annualReport) : throw new UnauthorizedAccessException()); }
public async Task <IActionResult> GetMembers(int cityId) { var cityProfileDto = await _cityService.GetCityMembersAsync(cityId); if (cityProfileDto == null) { return(NotFound()); } var cityProfile = _mapper.Map <CityProfileDTO, CityViewModel>(cityProfileDto); cityProfile.CanEdit = await _cityAccessService.HasAccessAsync(User, cityId); return(Ok(new { cityProfile.Members, cityProfile.CanEdit })); }
public async Task <IActionResult> CreateAsAdmin(int cityId) { try { if (await _cityAccessService.HasAccessAsync(User, cityId)) { var cityDTO = await _cityService.GetByIdAsync(cityId); var city = _mapper.Map <CityDTOs.CityDTO, CityVMs.CityViewModel>(cityDTO); return(View("CreateEdit", await GetCreateEditViewModel(city, AnnualReportOperation.Creating))); } else { _loggerService.LogError($"Exception: {User} does not have access to the city (cityId - {cityId})"); return(RedirectToAction("HandleError", "Error", new { code = StatusCodes.Status500InternalServerError })); } } catch (InvalidOperationException e) { ViewData["ErrorMessage"] = e.Message; return(View("CreateEdit")); } catch (Exception e) { _loggerService.LogError($"Exception: {e.Message}"); return(RedirectToAction("HandleError", "Error", new { code = StatusCodes.Status500InternalServerError })); } }
/// <inheritdoc /> public async Task <CityProfileDTO> GetCityProfileAsync(int cityId, ClaimsPrincipal user) { var cityProfileDto = await GetCityProfileAsync(cityId); var userId = _userManager.GetUserId(user); cityProfileDto.City.CanCreate = user.IsInRole("Admin"); cityProfileDto.City.CanEdit = await _cityAccessService.HasAccessAsync(user, cityId); cityProfileDto.City.CanJoin = (await _repoWrapper.CityMembers .GetFirstOrDefaultAsync(u => u.User.Id == userId && u.CityId == cityId)) == null; return(cityProfileDto); }
///<inheritdoc/> public async Task <AnnualReportDTO> GetByIdAsync(ClaimsPrincipal claimsPrincipal, int id) { var annualReport = await _repositoryWrapper.AnnualReports.GetFirstOrDefaultAsync( predicate : a => a.ID == id, include : source => source .Include(a => a.MembersStatistic) .Include(a => a.CityManagement) .ThenInclude(c => c.CityAdminNew) .Include(a => a.City)); return(await _cityAccessService.HasAccessAsync(claimsPrincipal, annualReport.CityId) ? _mapper.Map <AnnualReport, AnnualReportDTO>(annualReport) : throw new UnauthorizedAccessException()); }
/// <inheritdoc /> public async Task <CityProfileDTO> GetCityProfileAsync(int cityId, DataAccessCity.User user) { var cityProfileDto = await GetCityProfileAsync(cityId); var userId = await _userManager.GetUserIdAsync(user); var userRoles = await _userManager.GetRolesAsync(user); cityProfileDto.City.CanCreate = userRoles.Contains("Admin"); cityProfileDto.City.CanEdit = await _cityAccessService.HasAccessAsync(user, cityId); cityProfileDto.City.CanJoin = (await _repoWrapper.CityMembers .GetFirstOrDefaultAsync(u => u.User.Id == userId && u.CityId == cityId)) == null; return(cityProfileDto); }