/// <summary>
/// Returns the organisation data for the scheme named in <paramref name="message"/>,
/// after checking that the caller has internal or scheme access.
/// </summary>
/// <param name="message">Request carrying the <c>SchemeId</c> to look up.</param>
/// <returns>
/// The mapped <c>OrganisationData</c>, with <c>CanEditOrganisation</c> set from the
/// <c>Roles.InternalAdmin</c> role check.
/// </returns>
public async Task<OrganisationData> HandleAsync(OrganisationBySchemeId message)
{
    // Authorisation gate. It must stay ahead of the data-access call so that a
    // rejected caller never causes a read. Its return value is not used here, so
    // denial is presumably signalled by throwing; confirm against the implementation.
    authorization.CheckInternalOrSchemeAccess(message.SchemeId);

    // NOTE(review): there is no null check on the lookup result. If GetBySchemeId can
    // return null for an unknown scheme, what happens next depends on the mapper; confirm.
    Organisation entity = await organisationDataAccess.GetBySchemeId(message.SchemeId);
    OrganisationData result = mapper.Map<Organisation, OrganisationData>(entity);

    // This flag only reports whether the caller is an internal admin. Presumably the
    // handler that performs the edit enforces the role itself and does not rely on
    // this value coming back from the client; verify.
    bool callerIsInternalAdmin = authorization.CheckUserInRole(Roles.InternalAdmin);
    result.CanEditOrganisation = callerIsInternalAdmin;

    return result;
}
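/// <summary>
/// Verifies that when the access check rejects the caller, <c>HandleAsync</c> surfaces the
/// <see cref="SecurityException"/> and the data-access layer is never called.
/// </summary>
/// <remarks>
/// Returns <see cref="Task"/> rather than <c>async void</c> so the test runner awaits the
/// test and observes a failed assertion. With <c>async void</c>, whether a failure in this
/// authorisation test is reported depends on the runner.
/// </remarks>
public async Task IfAUserDoesNotHaveAccessToEitherSchemeOrInternalArea_ASecurityExceptionIsThrown_AndNoDataIsRetrieved()
{
    var message = new OrganisationBySchemeId(Guid.NewGuid());

    // Fake a denied access check for this scheme.
    A.CallTo(() => authorization.CheckInternalOrSchemeAccess(message.SchemeId))
        .Throws<SecurityException>();

    await Assert.ThrowsAsync<SecurityException>(() => Handler().HandleAsync(message));

    // The any-Guid matcher asserts that no lookup happened at all, not merely that
    // none happened for this scheme id.
    A.CallTo(() => organisationDataAccess.GetBySchemeId(A<Guid>._))
        .MustNotHaveHappened();
}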