/// <summary>
/// Checks that <c>PermissionFilterAttribute</c> rejects a principal that holds a permission
/// (<c>ViewCompanyDetails</c>) other than the one the attribute demands (<c>ViewSiteDetails</c>).
/// </summary>
/// <remarks>
/// Despite the "throw ... exception" wording in the name, the assertion is on
/// <c>filterContext.Result</c> being an <c>HttpUnauthorizedResult</c>; no exception is expected.
/// </remarks>
public void Given_custom_principle_has_permission_but_not_one_checking_When_OnActionExecuting_Then_should_throw_401_not_authorised_exception()
{
    // Given: the principal's only permission differs from the required one
    var grantedPermissions = new[] { Permissions.ViewCompanyDetails.ToString() };
    var principal = CreateCustomPrincipal(new UserDto { CompanyId = 0, Permissions = grantedPermissions });
    var context = new ActionExecutingContext
    {
        HttpContext = MvcMockHelpers.FakeHttpContext(principal)
    };
    var filter = new PermissionFilterAttribute(Permissions.ViewSiteDetails);

    // When
    filter.OnActionExecuting(context);

    // Then: holding some other permission must not be enough
    Assert.That(context.Result, Is.TypeOf<HttpUnauthorizedResult>());
}
/// <summary>
/// Checks that <c>UrlHackingFilter</c> sets an <c>HttpUnauthorizedResult</c> when the
/// "companyId" action parameter (9999) differs from the principal's company id (1).
/// </summary>
/// <remarks>
/// As with the permission filter tests, the outcome is a result on the context, not a thrown exception.
/// </remarks>
public void Given_a_companyid_but_not_correct_for_custom_principal_When_OnActionExecuting_Then_should_throw_401_not_authorised_exception()
{
    // Given: the principal belongs to one company and the request names another
    const int principalCompanyId = 1;
    const int requestedCompanyId = 9999;
    var principal = CreateCustomPrincipal(
        new UserDto { CompanyId = principalCompanyId, Permissions = new List<string>() });

    // NOTE(review): the id is boxed as an Int32 here; if actions bind companyId as a long,
    // a second case with a boxed long would pin that the comparison is not type-sensitive - confirm.
    var parameters = new Dictionary<string, object>();
    parameters.Add("companyId", requestedCompanyId);

    var context = new ActionExecutingContext
    {
        HttpContext = MvcMockHelpers.FakeHttpContext(principal),
        ActionParameters = parameters
    };
    var filter = new UrlHackingFilter();

    // When
    filter.OnActionExecuting(context);

    // Then: a company id that is not the caller's own is refused
    Assert.That(context.Result, Is.TypeOf<HttpUnauthorizedResult>());
}
// Scenario: the cache helper reports a hit for the user key (Load returns true) while the
// company details are served by the client service. The test expects that _userDto is not
// added to the cache again and that the company DTO is added under companyCacheKey.
public void Given_user_in_cache_and_company_not_in_cache_When_create_custom_principal_Then_should_call_correct_methods()
{
    // Given
    // NOTE(review): the next statement is corrupted in this copy of the file (the run of '*'
    // replaced part of the line). It evidently held two declarations, userCacheKey and
    // companyCacheKey, because both names are used below; restore it from version control
    // rather than guessing the user key format.
    string userCacheKey = "User:"******"Company:" + _companyId;
    var target = CreateTarget();
    _clientService
        .Setup(x => x.GetCompanyDetails(_companyId))
        .Returns(_companyDto);
    var userDto = new UserDto();
    // Cache hit for the user: Load hands back the local userDto through the out parameter.
    _cacheHelper
        .Setup(x => x.Load(userCacheKey, out userDto))
        .Returns(true);

    // When
    target.Create(_companyId, _userId);

    // Then
    // NOTE(review): this only rules out Add being called with the _userDto field; the instance
    // served from the cache is the local userDto, so unless UserDto defines value equality a
    // re-add of the cached instance would presumably go unnoticed - confirm whether
    // It.IsAny<UserDto>() was intended.
    _cacheHelper.Verify(x => x.Add(_userDto, userCacheKey, 5),Times.Never());
    _clientService.VerifyAll();
    // The company is matched by CompanyName and must be cached under companyCacheKey with the value 1440.
    _cacheHelper.Verify(x => x.Add(It.Is<CompanyDto>(y => y.CompanyName == _companyDto.CompanyName), companyCacheKey, 1440));
}
/// <summary>
/// Checks that <c>UrlHackingFilter</c> leaves <c>filterContext.Result</c> null when the action
/// has no parameters at all, i.e. the request is allowed to proceed.
/// </summary>
public void Given_not_got_a_companyid_When_OnActionExecuting_Then_should_have_result_of_null()
{
    // Given: an action invoked without any parameters
    var principal = CreateCustomPrincipal(new UserDto { Permissions = new string[0] });
    var noParameters = new Dictionary<string, object>();
    var context = new ActionExecutingContext
    {
        HttpContext = MvcMockHelpers.FakeHttpContext(principal),
        ActionParameters = noParameters
    };
    var filter = new UrlHackingFilter();

    // When
    filter.OnActionExecuting(context);

    // Then
    // NOTE(review): this pins the filter as a no-op when no "companyId" parameter is present.
    // Actions that carry the company id under another name or inside a model would presumably
    // not be checked by it - confirm against UrlHackingFilter.
    Assert.That(context.Result, Is.Null);
}
/// <summary>
/// Builds the shared <c>_user</c> principal whose only permission is "DeleteSiteDetails".
/// </summary>
public void Setup()
{
    var permissions = new List<string> { "DeleteSiteDetails" };
    var dto = new UserDto { Permissions = permissions };
    _user = new CustomPrincipal(dto, new CompanyDto());
}
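/// <summary>
/// Builds a principal from a user DTO and the DTO of the user's company.
/// </summary>
/// <param name="userDto">Supplies the id, company id, employee details, allowed sites and permissions.</param>
/// <param name="companyDto">Supplies the company name.</param>
/// <exception cref="System.ArgumentNullException">Either argument is null.</exception>
public CustomPrincipal(UserDto userDto, CompanyDto companyDto)
{
    // Fail with a named argument instead of a NullReferenceException part-way through
    // construction, which would otherwise leave the cause of a failed sign-in unclear.
    if (userDto == null)
    {
        throw new System.ArgumentNullException("userDto");
    }

    if (companyDto == null)
    {
        throw new System.ArgumentNullException("companyDto");
    }

    // The identity name is the employee e-mail when there is one, else the user id.
    Identity = new GenericIdentity(GetUserIdentity(userDto));
    UserId = userDto.Id;
    CompanyId = userDto.CompanyId;

    var employee = userDto.Employee;
    var contactDetails = employee != null ? employee.MainContactDetails : null;

    // FullName stays null without an employee, whereas Email falls back to string.Empty.
    FullName = employee != null ? employee.FullName : null;
    Email = contactDetails != null && contactDetails.Email != null
        ? contactDetails.Email
        : string.Empty;
    CompanyName = companyDto.CompanyName;

    // NOTE(review): both collections are kept by reference, not copied. If the DTO instance is
    // shared (for example served from a cache), a later change to its lists would also change
    // what this principal is allowed to do - confirm whether a defensive copy is wanted.
    _allowableSites = userDto.AllowedSites;
    _permissions = userDto.Permissions;
}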
/// <summary>
/// Checks that a user DTO without an employee produces a principal whose identity name is the
/// user id rendered as a string.
/// </summary>
public void When_custom_principal_has_no_employer_Then_should_user_id_as_identity()
{
    // Given: only the id is set, so there is no employee and no e-mail
    var dto = new UserDto { Id = Guid.NewGuid() };

    // When
    var principal = new CustomPrincipal(dto, new CompanyDto());

    // Then
    var expectedName = dto.Id.ToString();
    Assert.That(principal.Identity.Name, Is.EqualTo(expectedName));
}
/// <summary>
/// Copies the scalar fields of a <c>User</c> onto a new <c>UserDto</c>.
/// </summary>
/// <param name="user">Entity to map; may be null.</param>
/// <returns>
/// The populated DTO, or a default-constructed <c>UserDto</c> when <paramref name="user"/> is null.
/// </returns>
public UserDto Map(User user)
{
    // NOTE(review): a null user yields an empty DTO rather than null, so a caller cannot detect
    // "no such user" with a null check - confirm callers do not treat the empty DTO as a real user.
    if (user == null)
    {
        return new UserDto();
    }

    return new UserDto
    {
        Id = user.Id,
        CreatedOn = user.CreatedOn,
        Deleted = user.Deleted,
        LastModifiedOn = user.LastModifiedOn,
        CompanyId = user.CompanyId,
        // NOTE(review): an unset IsRegistered is reported as true; confirm nothing relies on
        // this flag as evidence that registration actually completed.
        IsRegistered = user.IsRegistered ?? true
    };
}
/// <summary>
/// Checks which collaborators <c>GetViewModel</c> calls when it is configured with a user, a
/// company id, a completed-date range and a list of allowed site ids.
/// </summary>
public void Given_search_for_current_user_When_GetViewModel_is_called_Then_should_call_correct_methods()
{
    //Given
    var target = CreateTarget();
    var currentUser = new UserDto
    {
        CompanyId = _companyId,
        Id = Guid.NewGuid(),
        Employee = new EmployeeDto { Id = Guid.NewGuid() }
    };
    _userService
        .Setup(x => x.GetIncludingEmployeeAndSiteByIdAndCompanyId(currentUser.Id, currentUser.CompanyId))
        .Returns(currentUser);

    // The range is handed to the factory as short date strings and matched the same way.
    var completedFrom = DateTime.Now.AddDays(1);
    var completedTo = DateTime.Now.AddDays(40);
    var completedFromText = completedFrom.ToShortDateString();
    var completedToText = completedTo.ToShortDateString();
    _taskService
        .Setup(x => x.Search(It.Is<SearchTasksRequest>(y =>
            y.CompanyId == _companyId
            && y.CompletedFrom.Value.ToShortDateString() == completedFromText
            && y.CompletedTo.Value.ToShortDateString() == completedToText)));

    //When
    var siteIds = new List<long> { 1, 2, 3 };
    target
        .WithEmployeeId(null)
        .WithUser(CreateCustomPrincipal(currentUser))
        .WithCompanyId(_companyId)
        .WithCompletedFrom(completedFromText)
        .WithCompletedTo(completedToText)
        .WithAllowedSiteIds(siteIds)
        .WithUserEmployeeId(CreateCustomPrincipal(currentUser))
        .GetViewModel();

    //Then
    _userService.VerifyAll();
    _taskService.VerifyAll();
    _siteGroupService.Verify(x => x.GetByCompanyId(_companyId));
    // The site search must be scoped to the caller's company and receive the allowed-site list
    // that was supplied (compared with ==, so presumably the very same list instance).
    _siteService.Verify(
        x => x.Search(It.Is<SearchSitesRequest>(y =>
            y.CompanyId == _companyId && y.AllowedSiteIds == siteIds)));
}
/// <summary>
/// Creates fresh mocks and the ids and DTOs shared by the tests in this fixture.
/// </summary>
public void SetUp()
{
    _companyId = 500;
    _userId = Guid.NewGuid();

    _cacheHelper = new Mock<ICacheHelper>();
    _userService = new Mock<IUserService>();
    _clientService = new Mock<IClientService>();

    _userDto = new UserDto { Id = _userId };

    // Only the id, the name and the single numeric argument carry values; every other
    // constructor argument is an empty string.
    string blank = string.Empty;
    _companyDto = new CompanyDetailsDto(
        _companyId,
        "Test Company",
        blank, blank, blank, blank, blank,
        100,
        blank, blank, blank, blank);
}
/// <summary>
/// Checks that <c>IsDeleteButtonEnabled</c> is false for a principal with an empty permission list.
/// </summary>
/// <remarks>
/// This covers the button state only; whether the delete action itself checks the permission
/// on the server is not visible from this test.
/// </remarks>
public void Given_editing_new_group_state_but_without_correct_permisions_Than_delete_should_not_be_enabled()
{
    //Given
    var viewModel = new SiteGroupDetailsViewModel { GroupId = 1 };
    var dtoWithoutPermissions = new UserDto { CompanyId = 0, Permissions = new List<string>() };

    //When
    _user = new CustomPrincipal(dtoWithoutPermissions, new CompanyDto());
    var deleteEnabled = viewModel.IsDeleteButtonEnabled(_user);

    //Then
    Assert.That(deleteEnabled, Is.False);
}
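/// <summary>
/// Checks that <c>GetSummaryViewModel</c> asks the task service for the outstanding-task
/// summary exactly once and forwards every filter set on the factory, including the
/// allowed site ids, in the request.
/// </summary>
public void Given_GetSummaryViewModel_Then_calls_correct_methods()
{
    //Given
    var target = CreateTarget();

    // Captures the request handed to the task service so its fields can be asserted below.
    // (The unused UserDto local that was built here has been removed.)
    var passedRequest = new SearchTasksRequest();
    _taskService
        .Setup(x => x.GetOutstandingTasksSummary(It.IsAny<SearchTasksRequest>()))
        .Returns(new TaskListSummaryResponse())
        .Callback<SearchTasksRequest>(y => passedRequest = y);

    //When
    target
        .WithCompanyId(_companyId)
        .WithSiteGroupId(_siteGroupId)
        .WithSiteId(_siteId)
        .WithTaskCategoryId(_taskCategoryId)
        .WithEmployeeId(_employeeId)
        .WithAllowedSiteIds(_allowedSiteIds)
        .GetSummaryViewModel();

    //Then
    _taskService.Verify(x => x.GetOutstandingTasksSummary(It.IsAny<SearchTasksRequest>()), Times.Once());
    Assert.That(passedRequest.CompanyId, Is.EqualTo(_companyId));
    Assert.That(passedRequest.SiteGroupId, Is.EqualTo(_siteGroupId));
    Assert.That(passedRequest.SiteId, Is.EqualTo(_siteId));
    Assert.That(passedRequest.TaskCategoryId, Is.EqualTo(_taskCategoryId));
    // The single employee id is expected to arrive wrapped in a one-element list.
    Assert.That(passedRequest.EmployeeIds, Is.EqualTo(new List<Guid> { _employeeId }));
    Assert.That(passedRequest.AllowedSiteIds, Is.EqualTo(_allowedSiteIds));
}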
/// <summary>
/// Chooses the identity name for a user: the employee's main contact e-mail when it is present
/// and non-empty, otherwise the user id as a string.
/// </summary>
/// <param name="userDto">User to name; not checked for null here.</param>
/// <returns>The e-mail address or the string form of <c>userDto.Id</c>.</returns>
private static string GetUserIdentity(UserDto userDto)
{
    var employee = userDto.Employee;
    if (employee == null || employee.MainContactDetails == null)
    {
        return userDto.Id.ToString();
    }

    var email = employee.MainContactDetails.Email;
    if (string.IsNullOrEmpty(email))
    {
        return userDto.Id.ToString();
    }

    return email;
}
/// <summary>
/// Checks that <c>UrlHackingFilter</c> leaves <c>filterContext.Result</c> null when the
/// "companyId" action parameter equals the principal's company id.
/// </summary>
public void Given_a_companyid_and_matches_custom_principal_company_id_When_OnActionExecuting_Then_should_return_null()
{
    // Given: the request names the caller's own company
    const int principalCompanyId = 1;
    const int requestedCompanyId = 1;
    var principal = CreateCustomPrincipal(
        new UserDto { CompanyId = principalCompanyId, Permissions = new string[0] });

    var parameters = new Dictionary<string, object>();
    parameters.Add("companyId", requestedCompanyId);

    var context = new ActionExecutingContext
    {
        HttpContext = MvcMockHelpers.FakeHttpContext(principal),
        ActionParameters = parameters
    };
    var filter = new UrlHackingFilter();

    // When
    filter.OnActionExecuting(context);

    // Then: no result is set, so the action goes ahead
    Assert.That(context.Result, Is.Null);
}
/// <summary>
/// Checks that <c>UpdateUser</c> calls <c>ReinstateUser</c> for the view model's user id when
/// the view model marks the user as deleted.
/// </summary>
public void Given_valid_viewmodel_with_deleted_user_When_update_is_clicked_with_site_id_selected_Then_correct_user_service_is_called()
{
    // Given
    var controller = CreateUserRoleController();
    var viewModel = new AddUsersViewModel
    {
        CompanyId = 999L,
        EmployeeId = Guid.NewGuid(),
        UserId = Guid.NewGuid(),
        RoleId = Guid.NewGuid(),
        SiteId = 10,
        SiteGroupId = null,
        EmployeeAlreadyExistsAsUser = true,
        IsUserDeleted = true
    };
    _userPermissionsViewModelFactory
        .Setup(x => x.GetViewModel(viewModel.CompanyId, viewModel.EmployeeId, true, true))
        .Returns(new AddUsersViewModel());

    var contactDetails = new EmployeeContactDetailDto
    {
        Email = "*****@*****.**",
        Telephone1 = "098098",
        Telephone2 = "098098"
    };
    UserDto existingUser = new UserDto
    {
        Id = Guid.NewGuid(),
        Employee = new EmployeeDto { MainContactDetails = contactDetails }
    };

    // NOTE(review): It.IsAny on both arguments means this test would still pass if the
    // controller looked the user up under a different user id or company id; pinning the
    // expected values would cover that - confirm which company id the controller should pass.
    _userService
        .Setup(x => x.GetByIdAndCompanyIdIncludeDeleted(It.IsAny<Guid>(), It.IsAny<long>()))
        .Returns(existingUser);

    // When
    controller.UpdateUser(viewModel);

    // Then
    _userService.Verify(
        x => x.ReinstateUser(viewModel.UserId, TestControllerHelpers.UserIdAssigned));
}
/// <summary>
/// Checks that <c>PermissionFilterAttribute</c> leaves <c>filterContext.Result</c> null when the
/// principal holds the permission the attribute demands (<c>ViewCompanyDetails</c>).
/// </summary>
public void Given_custom_principal_has_valid_permission_When_OnActionExecuting_Then_should_return_null()
{
    // Given: the principal's permission is exactly the required one
    var grantedPermissions = new[] { Permissions.ViewCompanyDetails.ToString() };
    var principal = CreateCustomPrincipal(new UserDto { CompanyId = 0, Permissions = grantedPermissions });
    var context = new ActionExecutingContext
    {
        HttpContext = MvcMockHelpers.FakeHttpContext(principal)
    };
    var filter = new PermissionFilterAttribute(Permissions.ViewCompanyDetails);

    // When
    filter.OnActionExecuting(context);

    // Then: no result is set, so the action goes ahead
    Assert.That(context.Result, Is.Null);
}
/// <summary>
/// Checks that an employee whose main contact e-mail is the empty string still produces a
/// principal named after the user id.
/// </summary>
public void When_custom_principal_with_user_not_got_employer_email_Then_should_user_id_as_identity()
{
    // Given: contact details exist but the e-mail is empty
    var contactDetails = new EmployeeContactDetailDto { Email = string.Empty };
    var dto = new UserDto
    {
        Id = Guid.NewGuid(),
        Employee = new EmployeeDto { MainContactDetails = contactDetails }
    };

    // When
    var principal = new CustomPrincipal(dto, new CompanyDto());

    // Then
    var expectedName = dto.Id.ToString();
    Assert.That(principal.Identity.Name, Is.EqualTo(expectedName));
}
/// <summary>
/// Wraps a user DTO in a <c>CustomPrincipal</c>, pairing it with a default <c>CompanyDto</c>.
/// </summary>
/// <param name="userDto">User the principal is built from.</param>
/// <returns>The new principal.</returns>
private static CustomPrincipal CreateCustomPrincipal(UserDto userDto)
{
    return new CustomPrincipal(userDto, new CompanyDto());
}
/// <summary>
/// Builds a <c>CustomPrincipal</c> with the given permissions for a user with an empty id in
/// company 0, paired with a company DTO whose id is 100.
/// </summary>
/// <param name="permissions">Permissions placed on the user DTO.</param>
/// <param name="companyName">Company name placed on the company DTO; defaults to "".</param>
/// <returns>The new principal.</returns>
private static CustomPrincipal CreateCustomPrinciple(IEnumerable<string> permissions, string companyName = "")
{
    var user = new UserDto { Id = Guid.Empty, CompanyId = 0, Permissions = permissions };
    var company = new CompanyDto { CompanyName = companyName, Id = 100L };
    return new CustomPrincipal(user, company);
}
/// <summary>
/// Checks that a non-empty main contact e-mail on the employee becomes the principal's
/// identity name.
/// </summary>
public void When_custom_principal_with_employer_email_Then_should_employer_email_as_identity()
{
    // Given: the employee has a main contact e-mail
    var contactDetails = new EmployeeContactDetailDto { Email = "*****@*****.**" };
    var dto = new UserDto
    {
        Id = Guid.NewGuid(),
        Employee = new EmployeeDto { MainContactDetails = contactDetails }
    };

    // When
    var principal = new CustomPrincipal(dto, new CompanyDto());

    // Then
    var expectedName = dto.Employee.MainContactDetails.Email;
    Assert.That(principal.Identity.Name, Is.EqualTo(expectedName));
}
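/// <summary>
/// Checks that a title set on the factory reaches the task service in the
/// <c>SearchTasksRequest</c> passed to <c>Search</c>.
/// </summary>
public void Given_search_by_title_When_GetViewModel_Then_passed_requested_title_to_task_service()
{
    //Given
    var target = CreateTarget();
    const string title = "title";
    var user = new UserDto
    {
        CompanyId = _companyId,
        Id = Guid.NewGuid(),
        Employee = new EmployeeDto { Id = Guid.NewGuid() }
    };
    _userService
        .Setup(x => x.GetIncludingEmployeeAndSiteByIdAndCompanyId(user.Id, user.CompanyId))
        .Returns(user);
    _taskService
        .Setup(x => x.Search(It.IsAny<SearchTasksRequest>()));

    // The date-range and allowed-site locals that were declared here were never passed to the
    // factory, so they have been removed; only the title is configured.

    //When
    target
        .WithTitle(title)
        .GetViewModel();

    //Then
    _taskService.Verify(x => x.Search(It.Is<SearchTasksRequest>(y => y.Title == title)));
}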