public async Task Test_roles_assign_unassign_permission_to_role() { // Add a new role var newRoleRequest = new RoleCreateRequest { Name = $"{Guid.NewGuid():N}role", Description = $"{Guid.NewGuid():N}description", }; var role = await _apiClient.Roles.CreateAsync(newRoleRequest); role.Should().NotBeNull(); role.Name.Should().Be(newRoleRequest.Name); role.Description.Should().Be(newRoleRequest.Description); // Get a resource server var resourceServer = await _apiClient.ResourceServers.GetAsync("5cccc711773967081270a036"); var originalScopes = resourceServer.Scopes.ToList(); // Create a permission/scope var newScope = new ResourceServerScope { Value = $"{Guid.NewGuid():N}scope", Description = "Integration test" }; // Update resource server with new scope resourceServer = await _apiClient.ResourceServers.UpdateAsync(resourceServer.Id, new ResourceServerUpdateRequest { Scopes = originalScopes.Concat(new[] { newScope }).ToList(), }); // Associate a permission with the role var assignPermissionsRequest = new AssignPermissionsRequest() { Permissions = new[] { new PermissionIdentity { Identifier = resourceServer.Identifier, Name = newScope.Value } } }; await _apiClient.Roles.AssignPermissionsAsync(role.Id, assignPermissionsRequest); // Ensure the permission is associated with the role var associatedPermissions = await _apiClient.Roles.GetPermissionsAsync(role.Id, new PaginationInfo()); associatedPermissions.Should().NotBeNull(); associatedPermissions.Should().HaveCount(1); associatedPermissions.First().Identifier.Should().Be(resourceServer.Identifier); associatedPermissions.First().Name.Should().Be(newScope.Value); // Unassociate a permission with the role await _apiClient.Roles.RemovePermissionsAsync(role.Id, assignPermissionsRequest); // Ensure the permission is unassociated with the role associatedPermissions = await _apiClient.Roles.GetPermissionsAsync(role.Id, new PaginationInfo()); associatedPermissions.Should().NotBeNull(); associatedPermissions.Should().HaveCount(0); // Clean Up - Remove the permission from the resource server resourceServer = await _apiClient.ResourceServers.UpdateAsync(resourceServer.Id, new ResourceServerUpdateRequest { Scopes = originalScopes }); // Clean Up - Remove the role await _apiClient.Roles.DeleteAsync(role.Id); }
public async Task Test_roles_assign_unassign_permission_to_user() { var userCreateRequest = new UserCreateRequest { Connection = _connection.Name, Email = $"{Guid.NewGuid():N}@nonexistingdomain.aaa", EmailVerified = true, Password = Password }; var user = await _apiClient.Users.CreateAsync(userCreateRequest); // Get a resource server var resourceServer = await _apiClient.ResourceServers.GetAsync("5cccc711773967081270a036"); var originalScopes = resourceServer.Scopes.ToList(); // Create a permission/scope var newScope = new ResourceServerScope { Value = $"{Guid.NewGuid():N}scope", Description = "Integration test" }; // Update resource server with new scope resourceServer = await _apiClient.ResourceServers.UpdateAsync(resourceServer.Id, new ResourceServerUpdateRequest { Scopes = originalScopes.Concat(new[] { newScope }).ToList(), }); // Associate a permission with the user var assignPermissionsRequest = new AssignPermissionsRequest() { Permissions = new[] { new PermissionIdentity { Identifier = resourceServer.Identifier, Name = newScope.Value } } }; await _apiClient.Users.AssignPermissionsAsync(user.UserId, assignPermissionsRequest); // Ensure the permission is associated with the user var associatedPermissions = await _apiClient.Users.GetPermissionsAsync(user.UserId, new PaginationInfo()); associatedPermissions.Should().NotBeNull(); associatedPermissions.Should().HaveCount(1); associatedPermissions.First().Identifier.Should().Be(resourceServer.Identifier); associatedPermissions.First().Name.Should().Be(newScope.Value); // Unassociate a permission with the user await _apiClient.Users.RemovePermissionsAsync(user.UserId, assignPermissionsRequest); // Ensure the permission is unassociated with the user associatedPermissions = await _apiClient.Users.GetPermissionsAsync(user.UserId, new PaginationInfo()); associatedPermissions.Should().NotBeNull(); associatedPermissions.Should().HaveCount(0); // Clean Up - Remove the permission from the resource server await _apiClient.ResourceServers.UpdateAsync(resourceServer.Id, new ResourceServerUpdateRequest { Scopes = originalScopes }); // Clean Up - Remove the user await _apiClient.Users.DeleteAsync(user.UserId); }