/// <summary>
/// Verifies that <c>HasPermissionAsync</c> answers with an <c>OkObjectResult</c> whose value is
/// <c>true</c> when the permissions lookup returns the fixture-built permission set.
/// </summary>
/// <remarks>
/// The tokenizer is mocked with <c>It.IsAny&lt;string&gt;()</c> and the bearer token is empty, so
/// token validation itself is not exercised here; only the permission decision is.
/// </remarks>
public async Task WithPermission()
{
    var autoFixture = new Fixture();
    ManageProjectPropertiesPermission(autoFixture);

    var tokenizerMock = new Mock<ITokenizer>();
    tokenizerMock
        .Setup(t => t.Principal(It.IsAny<string>()))
        .Returns(PrincipalWithClaims());

    // Only a permissions request whose query parameters contain this identifier is matched;
    // the Verify() at the end fails the test if no such request was issued.
    // NOTE(review): presumably the identifier carried by PrincipalWithClaims() - confirm against the helper.
    var permissions = Task.FromResult(autoFixture.Create<Response.PermissionsProjectId>());
    var clientMock = new Mock<IVstsRestClient>();
    clientMock
        .Setup(c => c.GetAsync(It.Is<IVstsRequest<Response.PermissionsProjectId>>(
            r => r.QueryParams.Values.Contains("ab84d5a2-4b8d-68df-9ad3-cc9c8884270c"))))
        .Returns(permissions)
        .Verifiable();

    var message = new HttpRequestMessage
    {
        Headers = { Authorization = new AuthenticationHeaderValue("Bearer", "") }
    };

    var sut = new ReconcileFunction(
        clientMock.Object,
        new IBuildPipelineRule[0],
        new IReleasePipelineRule[0],
        new IProjectRule[0],
        new IRepositoryRule[0],
        tokenizerMock.Object);

    var response = await sut.HasPermissionAsync(message, "raboweb", "TAS");

    response
        .ShouldBeOfType<OkObjectResult>()
        .Value
        .ShouldBe(true);
    clientMock.Verify();
}
/// <summary>
/// Verifies that <c>ReconcileAsync</c> answers with a <c>NotFoundObjectResult</c> carrying the
/// requested scope name when that scope is unknown.
/// </summary>
/// <remarks>
/// The permissions setup is marked <c>Verifiable()</c> but this test never calls <c>Verify()</c>,
/// so it does not establish whether the permission lookup runs before the scope check.
/// </remarks>
public async Task ScopeNotFound()
{
    var autoFixture = new Fixture();
    ManageProjectPropertiesPermission(autoFixture);

    var tokenizerMock = new Mock<ITokenizer>();
    tokenizerMock
        .Setup(t => t.Principal(It.IsAny<string>()))
        .Returns(PrincipalWithClaims());

    // Any permissions request is answered with the fixture-built permission set.
    var permissions = Task.FromResult(autoFixture.Create<Response.PermissionsProjectId>());
    var clientMock = new Mock<IVstsRestClient>();
    clientMock
        .Setup(c => c.GetAsync(It.IsAny<IVstsRequest<Response.PermissionsProjectId>>()))
        .Returns(permissions)
        .Verifiable();

    var message = new HttpRequestMessage
    {
        Headers = { Authorization = new AuthenticationHeaderValue("Bearer", "") }
    };

    var sut = new ReconcileFunction(
        clientMock.Object,
        new IBuildPipelineRule[0],
        new IReleasePipelineRule[0],
        new IProjectRule[0],
        new IRepositoryRule[0],
        tokenizerMock.Object);

    var response = await sut.ReconcileAsync(
        message, "raboweb", "TAS", "non-existing-scope", "some-non-existing-rule");

    response
        .ShouldBeOfType<NotFoundObjectResult>()
        .Value
        .ShouldBe("non-existing-scope");
}
/// <summary>
/// Evaluates every rule in <c>_rules</c> against the given project and returns the results as
/// one <see cref="ItemExtensionData"/> entry.
/// </summary>
/// <param name="project">The project delivered by the activity trigger; must not be null.</param>
/// <returns>
/// An <see cref="ItemExtensionData"/> with <c>Item</c> and <c>ItemId</c> set to null and one
/// <see cref="EvaluatedRule"/> per rule.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="project"/> is null.</exception>
public async Task<ItemExtensionData> RunAsync([ActivityTrigger] Response.Project project)
{
    if (project == null)
    {
        throw new ArgumentNullException(nameof(project));
    }

    // ToList() starts every evaluation before the first await, so the rules run concurrently.
    var pendingEvaluations = _rules
        .Select(async rule => new EvaluatedRule
        {
            Name = rule.GetType().Name,
            Description = rule.Description,
            Link = rule.Link,
            Status = await rule.EvaluateAsync(project.Id).ConfigureAwait(false),
            // The cast yields null for rules that do not implement IProjectReconcile.
            // NOTE(review): how ReconcileFromRule treats a null rule is not visible here - confirm.
            Reconcile = ReconcileFunction.ReconcileFromRule(
                _config, project.Id, rule as IProjectReconcile)
        })
        .ToList();

    var evaluatedRules = await Task.WhenAll(pendingEvaluations).ConfigureAwait(false);

    return new ItemExtensionData
    {
        Item = null,
        ItemId = null,
        Rules = evaluatedRules
    };
}
/// <summary>
/// Verifies that <c>HasPermissionAsync</c> answers with <c>UnauthorizedResult</c> when the
/// request carries no Authorization header.
/// </summary>
/// <remarks>
/// The REST client is null and the tokenizer is an unconfigured mock, so the expected result can
/// only be produced if the request is rejected without a permissions lookup.
/// </remarks>
public async Task UnauthorizedWithoutHeaderWhenHasPermission()
{
    var message = new HttpRequestMessage
    {
        Headers = { Authorization = null }
    };

    var tokenizer = new Mock<ITokenizer>().Object;
    var sut = new ReconcileFunction(
        null,
        new IBuildPipelineRule[0],
        new IReleasePipelineRule[0],
        new IProjectRule[0],
        new IRepositoryRule[0],
        tokenizer);

    var response = await sut.HasPermissionAsync(message, "raboweb", "TAS");

    response.ShouldBeOfType<UnauthorizedResult>();
}
/// <summary>
/// Verifies that <c>ReconcileAsync</c> answers with <c>OkResult</c> and invokes the project
/// rule's <c>ReconcileAsync("TAS")</c> when the request carries a JSON body.
/// </summary>
/// <remarks>
/// The rule mock is strict, so any call other than the one set up fails the test. The assertions
/// here do not inspect the posted <c>ciIdentifier</c>; only the project id reaching the rule is
/// checked.
/// </remarks>
public async Task CanPassPostDataToRule()
{
    var autoFixture = new Fixture();
    ManageProjectPropertiesPermission(autoFixture);

    // As<IProjectReconcile>() has to be configured before the mock's Object is first read.
    var ruleMock = new Mock<IProjectRule>(MockBehavior.Strict);
    ruleMock
        .As<IProjectReconcile>()
        .Setup(r => r.ReconcileAsync("TAS"))
        .Returns(Task.CompletedTask)
        .Verifiable();

    var tokenizerMock = new Mock<ITokenizer>();
    tokenizerMock
        .Setup(t => t.Principal(It.IsAny<string>()))
        .Returns(PrincipalWithClaims());

    var permissions = Task.FromResult(autoFixture.Create<Response.PermissionsProjectId>());
    var clientMock = new Mock<IVstsRestClient>();
    clientMock
        .Setup(c => c.GetAsync(It.IsAny<IVstsRequest<Response.PermissionsProjectId>>()))
        .Returns(permissions);

    var payload = JsonConvert.SerializeObject(new { ciIdentifier = "CI123444" });
    var message = new HttpRequestMessage
    {
        Headers = { Authorization = new AuthenticationHeaderValue("Bearer", "") },
        Content = new StringContent(payload, System.Text.Encoding.UTF8, "application/json")
    };

    var sut = new ReconcileFunction(
        clientMock.Object,
        new IBuildPipelineRule[0],
        new IReleasePipelineRule[0],
        new[] { ruleMock.Object },
        new IRepositoryRule[0],
        tokenizerMock.Object);

    // The rule is addressed by the runtime type name of the mock object.
    var ruleName = ruleMock.Object.GetType().Name;
    var response = await sut.ReconcileAsync(
        message, "raboweb", "TAS", RuleScopes.GlobalPermissions, ruleName);

    response.ShouldBeOfType<OkResult>();
    ruleMock.Verify();
}
/// <summary>
/// Verifies that <c>HasPermissionAsync</c> answers with <c>UnauthorizedResult</c> when the
/// tokenizer yields a principal that carries no claims.
/// </summary>
/// <remarks>
/// The REST client is null, so the expected result can only be produced if the request is
/// rejected without a permissions lookup.
/// </remarks>
public async Task UnauthorizedWithoutNameClaimWhenHasPermission()
{
    // A default ClaimsPrincipal has no identities and therefore no claims to read.
    var anonymous = new ClaimsPrincipal();
    var tokenizerMock = new Mock<ITokenizer>();
    tokenizerMock
        .Setup(t => t.Principal(It.IsAny<string>()))
        .Returns(anonymous);

    var message = new HttpRequestMessage
    {
        Headers = { Authorization = new AuthenticationHeaderValue("Bearer", "") }
    };

    var sut = new ReconcileFunction(
        null,
        new IBuildPipelineRule[0],
        new IReleasePipelineRule[0],
        new IProjectRule[0],
        new IRepositoryRule[0],
        tokenizerMock.Object);

    var response = await sut.HasPermissionAsync(message, "raboweb", "TAS");

    response.ShouldBeOfType<UnauthorizedResult>();
}
/// <summary>
/// Verifies that <c>HasPermissionAsync</c> answers with an <c>OkObjectResult</c> whose value is
/// <c>false</c> when the permissions lookup returns null for both identifiers the test sets up.
/// </summary>
/// <remarks>
/// The second identifier is the <c>userId</c> query parameter of the request URI. Both setups are
/// verifiable, so the test also fails unless a lookup was issued for each identifier.
/// </remarks>
public async Task CanCheckPermissionsForUserWithUnknownVsIInTokenAndInvalidUserId()
{
    var autoFixture = new Fixture();
    ManageProjectPropertiesPermission(autoFixture);

    var tokenizerMock = new Mock<ITokenizer>();
    tokenizerMock
        .Setup(t => t.Principal(It.IsAny<string>()))
        .Returns(PrincipalWithClaims());

    var clientMock = new Mock<IVstsRestClient>();

    // NOTE(review): presumably the identifier carried by PrincipalWithClaims() - confirm against the helper.
    clientMock
        .Setup(c => c.GetAsync(It.Is<IVstsRequest<Response.PermissionsProjectId>>(
            r => r.QueryParams.Values.Contains("ab84d5a2-4b8d-68df-9ad3-cc9c8884270c"))))
        .Returns(Task.FromResult<Response.PermissionsProjectId>(null))
        .Verifiable();

    // Same identifier as the userId query parameter on the request URI below.
    clientMock
        .Setup(c => c.GetAsync(It.Is<IVstsRequest<Response.PermissionsProjectId>>(
            r => r.QueryParams.Values.Contains("ef2e3683-8fb5-439d-9dc9-53af732e6387"))))
        .Returns(Task.FromResult<Response.PermissionsProjectId>(null))
        .Verifiable();

    var message = new HttpRequestMessage
    {
        Headers = { Authorization = new AuthenticationHeaderValue("Bearer", "") },
        RequestUri = new System.Uri(
            "https://dev.azure.com/reconcile/raboweb/TAS/haspermissions?userId=ef2e3683-8fb5-439d-9dc9-53af732e6387")
    };

    var sut = new ReconcileFunction(
        clientMock.Object,
        new IBuildPipelineRule[0],
        new IReleasePipelineRule[0],
        new IProjectRule[0],
        new IRepositoryRule[0],
        tokenizerMock.Object);

    var response = await sut.HasPermissionAsync(message, "raboweb", "TAS");

    response
        .ShouldBeOfType<OkObjectResult>()
        .Value
        .ShouldBe(false);
    clientMock.Verify();
}
/// <summary>
/// Verifies that <c>ReconcileAsync</c> answers with <c>OkResult</c> and invokes the repository
/// rule's <c>ReconcileAsync("TAS", "repository-id")</c> for the repositories scope.
/// </summary>
/// <remarks>
/// The rule mock is strict, so any call other than the one set up fails the test.
/// </remarks>
public async Task ExistingRepositoryRuleExecutedWhenReconcile()
{
    var autoFixture = new Fixture();
    ManageProjectPropertiesPermission(autoFixture);

    // As<IReconcile>() has to be configured before the mock's Object is first read.
    var ruleMock = new Mock<IRepositoryRule>(MockBehavior.Strict);
    ruleMock
        .As<IReconcile>()
        .Setup(r => r.ReconcileAsync("TAS", "repository-id"))
        .Returns(Task.CompletedTask)
        .Verifiable();

    var tokenizerMock = new Mock<ITokenizer>();
    tokenizerMock
        .Setup(t => t.Principal(It.IsAny<string>()))
        .Returns(PrincipalWithClaims());

    var permissions = Task.FromResult(autoFixture.Create<Response.PermissionsProjectId>());
    var clientMock = new Mock<IVstsRestClient>();
    clientMock
        .Setup(c => c.GetAsync(It.IsAny<IVstsRequest<Response.PermissionsProjectId>>()))
        .Returns(permissions);

    var message = new HttpRequestMessage
    {
        Headers = { Authorization = new AuthenticationHeaderValue("Bearer", "") }
    };

    var sut = new ReconcileFunction(
        clientMock.Object,
        new IBuildPipelineRule[0],
        new IReleasePipelineRule[0],
        new IProjectRule[0],
        new[] { ruleMock.Object },
        tokenizerMock.Object);

    // The rule is addressed by the runtime type name of the mock object.
    var ruleName = ruleMock.Object.GetType().Name;
    var response = await sut.ReconcileAsync(
        message, "raboweb", "TAS", RuleScopes.Repositories, ruleName, "repository-id");

    response.ShouldBeOfType<OkResult>();
    ruleMock.Verify();
}
/// <summary>
/// Verifies that <c>ReconcileAsync</c> answers with <c>UnauthorizedResult</c> when the caller's
/// permission set does not grant the required permission.
/// </summary>
/// <remarks>
/// The requested rule name does not exist and the result is still Unauthorized rather than
/// NotFound, so for this scope the permission decision is reached without a successful rule lookup.
/// NOTE(review): unlike the other tests, only the permission's display name is customised here
/// instead of calling ManageProjectPropertiesPermission; presumably the remaining generated
/// values do not amount to an allow - confirm against that helper.
/// </remarks>
public async Task UnauthorizedWithoutPermissionWhenReconcile()
{
    var autoFixture = new Fixture();
    autoFixture.Customize<Response.Permission>(
        composer => composer.With(p => p.DisplayName, "Manage project properties"));

    var tokenizerMock = new Mock<ITokenizer>();
    tokenizerMock
        .Setup(t => t.Principal(It.IsAny<string>()))
        .Returns(PrincipalWithClaims());

    // Only a permissions request whose query parameters contain this identifier is matched;
    // the Verify() at the end fails the test if no such request was issued.
    var permissions = Task.FromResult(autoFixture.Create<Response.PermissionsProjectId>());
    var clientMock = new Mock<IVstsRestClient>();
    clientMock
        .Setup(c => c.GetAsync(It.Is<IVstsRequest<Response.PermissionsProjectId>>(
            r => r.QueryParams.Values.Contains("ab84d5a2-4b8d-68df-9ad3-cc9c8884270c"))))
        .Returns(permissions)
        .Verifiable();

    var message = new HttpRequestMessage
    {
        Headers = { Authorization = new AuthenticationHeaderValue("Bearer", "") }
    };

    var sut = new ReconcileFunction(
        clientMock.Object,
        new IBuildPipelineRule[0],
        new IReleasePipelineRule[0],
        new IProjectRule[0],
        new IRepositoryRule[0],
        tokenizerMock.Object);

    var response = await sut.ReconcileAsync(
        message, "raboweb", "TAS", RuleScopes.GlobalPermissions, "some-non-existing-rule");

    response.ShouldBeOfType<UnauthorizedResult>();
    clientMock.Verify();
}