C# (CSharp) GeldApp2.IntegrationTests GeldAppFixture.ExpectAddExpenseAsync示例

示例#1

        public async Task EnsureThatExpensesFromOtherAccountsDoNotLeak()
        {
            using (var fixture = new GeldAppFixture())
            {
                await fixture.Login("Hans");

                // Import.
                var csv = File.ReadAllBytes("Import/dkb-import-test.csv");
                await fixture.PostFileAsync("/api/account/Hans/import/csv", "csvFile", "file.csv", csv);

                var hansImportedExpense = (await fixture.GetAsync <ImportedExpense[]>("/api/account/Hans/imports/unhandled")).Single();

                // Add some expenses.
                await fixture.AddExpenseAsync("Hans", -12.34M, "Correct", "Subcategory", ex => ex.Date = hansImportedExpense.BookingDay.AddDays(-2).Date);

                // Get related expenses.
                var relatedExpenses = await fixture.GetAsync <ExpenseViewModel[]>("/api/account/Hans/expenses?relatedToImportedExpense=" + hansImportedExpense.Id);

                relatedExpenses.Should().HaveCount(1);
                relatedExpenses.Single().CategoryName.Should().Be("Correct");

                // Login as different user.
                fixture.Logout();
                await fixture.Login("Petra");

                // Simple leak.
                await fixture.ExpectGetAsync("/api/account/Hans/expenses?relatedToImportedExpense=" + hansImportedExpense.Id, HttpStatusCode.Unauthorized);

                // Leak via related expenses.
                await fixture.PostFileAsync("/api/account/Petra/import/csv", "csvFile", "file.csv", csv);

                var petraImportedExpense = (await fixture.GetAsync <ImportedExpense[]>("/api/account/Petra/imports/unhandled")).Single();
                var petraRelatedExpenses = await fixture.GetAsync <ExpenseViewModel[]>("/api/account/Petra/expenses?relatedToImportedExpense=" + petraImportedExpense.Id);

                petraRelatedExpenses.Should().BeEmpty();

                // Leak via linking.
                await fixture.ExpectPostAsync($"/api/account/Hans/import/link?importedExpenseId={hansImportedExpense.Id}&relatedExpenseId={relatedExpenses.Single().Id}", HttpStatusCode.Unauthorized);

                await fixture.ExpectPostAsync($"/api/account/Petra/import/link?importedExpenseId={hansImportedExpense.Id}&relatedExpenseId={relatedExpenses.Single().Id}", HttpStatusCode.NotFound);

                // Leak via creating.
                await fixture.ExpectAddExpenseAsync("Hans", 10, "Cat", "Sub", modCmd : cmd => cmd.HandlesImportedExpenseId = hansImportedExpense.Id, expectedStatus : HttpStatusCode.Unauthorized);

                await fixture.ExpectAddExpenseAsync("Petra", 10, "Cat", "Sub", modCmd : cmd => cmd.HandlesImportedExpenseId = hansImportedExpense.Id, expectedStatus : HttpStatusCode.NotFound);
            }
        }