public async Task <IActionResult> UpdateMembership(UpdateMembershipCommand command) { Request.Headers.TryGetValue("Authorization", out var token); string role = await AuthHelper.GetRoleFromTokenAsync(token); if (role != "admin") { return(StatusCode(401, new { Error = "Unauthorized" })); } BaseResponse <int> result = (BaseResponse <int>) await Mediator.Send(command); return(!result.Success ? StatusCode(result.Error.StatusCode, result.Error) : Ok(result)); }
public async Task UpdateMembershipCommandHandler_ShouldUpdateMembership() { // Arrange UpdateMembershipCommand request = new UpdateMembershipCommand { GroupMembershipId = 1, IsAdmin = true }; IEnumerable <GroupMembership> expectedMemberships = new[] { new GroupMembership { GroupMembershipId = 1, UserId = 1, IsAdmin = false } }; IQueryable <GroupMembership> queryableMock = expectedMemberships .AsQueryable() .BuildMock() .Object; _unitOfWorkMock .Setup(m => m.GroupMemberships.GetById(request.GroupMembershipId)) .Returns(queryableMock); GroupMembership passedMembership = null; _unitOfWorkMock .Setup(m => m.GroupMemberships.Update(It.IsAny <GroupMembership>())) .Callback <GroupMembership>(gm => passedMembership = gm); _unitOfWorkMock .Setup(m => m.CommitAsync(It.IsAny <CancellationToken>())) .ReturnsAsync(1); UpdateMembershipCommand.Handler handler = new UpdateMembershipCommand.Handler(_unitOfWorkMock.Object); // Act await handler.Handle(request); // Assert Assert.NotNull(passedMembership); Assert.Equal(request.IsAdmin, passedMembership.IsAdmin); _unitOfWorkMock.Verify(m => m.GroupMemberships.Update(It.IsAny <GroupMembership>()), Times.AtLeastOnce); _unitOfWorkMock.Verify(m => m.CommitAsync(It.IsAny <CancellationToken>()), Times.AtLeastOnce); }
public async Task UpdateMembership_ShouldUpdateMembership() { // Arrange const int membershipId = 1; UpdateMembershipBody body = new UpdateMembershipBody { IsAdmin = true }; Mock <IMediator> mediatorMock = new Mock <IMediator>(); mediatorMock .Setup(m => m.Send(It.IsAny <MembershipExistsQuery>(), It.IsAny <CancellationToken>())) .ReturnsAsync(true); mediatorMock .Setup(m => m.Send(It.IsAny <CanUpdateMembershipQuery>(), It.IsAny <CancellationToken>())) .ReturnsAsync(true); UpdateMembershipCommand passedUpdateCommand = null; mediatorMock .Setup(m => m.Send(It.IsAny <UpdateMembershipCommand>(), It.IsAny <CancellationToken>())) .Callback <IRequest <Unit>, CancellationToken>((c, _) => passedUpdateCommand = (UpdateMembershipCommand)c) .ReturnsAsync(Unit.Value); GroupMembershipController controller = new GroupMembershipController(mediatorMock.Object, null); // Act ActionResult response = await controller.UpdateMembership(membershipId, body); // Assert Assert.IsType <NoContentResult>(response); mediatorMock.Verify(m => m.Send(It.IsAny <UpdateMembershipCommand>(), It.IsAny <CancellationToken>()), Times.Once); Assert.NotNull(passedUpdateCommand); Assert.Equal(membershipId, passedUpdateCommand.GroupMembershipId); Assert.Equal(body.IsAdmin, passedUpdateCommand.IsAdmin); }
public async Task <ActionResult> UpdateMembership([FromRoute] int membershipId, [FromBody] UpdateMembershipBody body, CancellationToken cancellationToken = default) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } // Check if membership exists MembershipExistsQuery existsQuery = new MembershipExistsQuery { GroupMembershipId = membershipId }; bool exists = await _mediator.Send(existsQuery, cancellationToken); if (!exists) { return(NotFound(new ErrorResource { StatusCode = StatusCodes.Status404NotFound, Message = $"Membership with ID '{membershipId}' does not exist" })); } // Check if the user wants to update himself IsOwnMembershipQuery isOwnMembershipQuery = new IsOwnMembershipQuery { GroupMembershipId = membershipId }; bool isOwnMembership = await _mediator.Send(isOwnMembershipQuery, cancellationToken); if (isOwnMembership) { return(StatusCode(StatusCodes.Status403Forbidden, new ErrorResource { StatusCode = StatusCodes.Status403Forbidden, Message = "Cannot update your own membership" })); } // Check if the current user is allowed to update the membership CanUpdateMembershipQuery canUpdateQuery = new CanUpdateMembershipQuery { GroupMembershipIdToUpdate = membershipId }; bool canUpdate = await _mediator.Send(canUpdateQuery, cancellationToken); if (!canUpdate) { return(StatusCode(StatusCodes.Status403Forbidden, new ErrorResource { StatusCode = StatusCodes.Status403Forbidden, Message = "You are not permitted to mutate users in this group. This privilege is only granted to administrators of the group" })); } // Update membership UpdateMembershipCommand updateCommand = new UpdateMembershipCommand { GroupMembershipId = membershipId, IsAdmin = body.IsAdmin != null && (bool)body.IsAdmin }; await _mediator.Send(updateCommand, cancellationToken); return(NoContent()); }