public FhirRequestContextRouteDataPopulatingFilterAttributeTests()
{
var controllerActionDescriptor = new ControllerActionDescriptor
{
DisplayName = "Executing Context Test Descriptor",
ActionName = ActionName,
ControllerName = ControllerName,
AttributeRouteInfo = new AttributeRouteInfo
{
Name = RouteName,
},
};
_actionExecutingContext = new ActionExecutingContext(
new ActionContext(_httpContext, new RouteData(), controllerActionDescriptor),
new List <IFilterMetadata>(),
new Dictionary <string, object>(),
FilterTestsHelper.CreateMockFhirController());
_actionExecutedContext = new ActionExecutedContext(
new ActionContext(_httpContext, new RouteData(), controllerActionDescriptor),
new List <IFilterMetadata>(),
FilterTestsHelper.CreateMockFhirController());
_fhirRequestContext.CorrelationId = _correlationId;
_fhirRequestContextAccessor.FhirRequestContext.Returns(_fhirRequestContext);
_filterAttribute = new FhirRequestContextRouteDataPopulatingFilterAttribute(_fhirRequestContextAccessor, _auditEventTypeMapping);
}
public OperationOutcomeExceptionFilterTests()
{
_context = new ActionExecutedContext(
new ActionContext(new DefaultHttpContext(), new RouteData(), new ActionDescriptor()),
new List <IFilterMetadata>(),
FilterTestsHelper.CreateMockFhirController());
_fhirRequestContext.CorrelationId.Returns(_correlationId);
_fhirRequestContextAccessor.FhirRequestContext.Returns(_fhirRequestContext);
}
private static ActionExecutingContext CreateContext(string id)
{
return(new ActionExecutingContext(
new ActionContext(new DefaultHttpContext(), new RouteData {
Values = { ["type"] = "Observation", ["id"] = id }
}, new ActionDescriptor()),
new List <IFilterMetadata>(),
new Dictionary <string, object>(),
FilterTestsHelper.CreateMockFhirController()));
}
private static ActionExecutingContext CreateContext(Resource type, string id)
{
return(new ActionExecutingContext(
new ActionContext(new DefaultHttpContext(), new RouteData {
Values = { [KnownActionParameterNames.ResourceType] = "Observation", [KnownActionParameterNames.Id] = id }
}, new ActionDescriptor()),
new List <IFilterMetadata>(),
new Dictionary <string, object> {
{ "resource", type }
},
FilterTestsHelper.CreateMockFhirController()));
}
public AuditLoggingFilterTests()
{
_fhirResult = new FhirResult(new Patient()
{
Name = { new HumanName()
{
Text = "TestPatient"
} }
});
_executedContext = new ResultExecutedContext(
new ActionContext(new DefaultHttpContext(), new RouteData(), new ControllerActionDescriptor()
{
DisplayName = "Executed Context Test Descriptor"
}),
new List <IFilterMetadata>(),
_fhirResult,
FilterTestsHelper.CreateMockFhirController());
_executedContext.HttpContext.Response.StatusCode = (int)HttpStatusCode.Created;
_fhirResult.StatusCode = HttpStatusCode.Created;
_fhirRequestContext.RequestType.Returns(new Coding("System", "TestRequestType"));
_fhirRequestContext.RequestSubType = new Coding("System", "TestRequestSubType");
_fhirRequestContext.Uri.Returns(new Uri("https://fhirtest/fhir?count=100"));
_fhirRequestContextAccessor.FhirRequestContext.Returns(_fhirRequestContext);
_fhirRequestContextAccessor.FhirRequestContext.Principal.Returns(_claimsPrincipal);
_securityConfiguration.LastModifiedClaims.Returns(new HashSet <string> {
"claim1"
});
_securityOptions.Value.Returns(_securityConfiguration);
_claimsPrincipal.Claims.Returns(new List <System.Security.Claims.Claim> {
Claim1
});
_claims = new KeyValuePair <string, string>[]
{
KeyValuePair.Create("claim", "value"),
};
_claimsIndexer = Substitute.For <IClaimsIndexer>();
_claimsIndexer.Extract().Returns(_claims);
_filter = new AuditLoggingFilterAttribute(
_auditLogger,
_fhirRequestContextAccessor,
_claimsIndexer);
}
public void GivenAFhirRequest_WhenExecutingAnValidAction_ThenCorrectRequestSubTypeMustBeSet(string methodName, string auditEventSubType)
{
var executingContext = new ActionExecutingContext(
new ActionContext(new DefaultHttpContext(), new RouteData(), new ControllerActionDescriptor()
{
DisplayName = "Executing Context Test Descriptor"
}),
new List <IFilterMetadata>(),
_actionArguments,
FilterTestsHelper.CreateMockFhirController());
var fhirController = executingContext.Controller as FhirController;
AssertProperRequestSubTypeSet(executingContext, methodName, auditEventSubType, _filter);
}
private static ActionExecutingContext CreateContext(Base type)
{
var httpContext = new DefaultHttpContext();
httpContext.Request.Method = "POST";
return(new ActionExecutingContext(
new ActionContext(httpContext, new RouteData {
Values = { [KnownActionParameterNames.ResourceType] = type.TypeName }
}, new ActionDescriptor()),
new List <IFilterMetadata>(),
new Dictionary <string, object> {
{ "resource", type }
},
FilterTestsHelper.CreateMockFhirController()));
}
public void GivenAFhirRequest_WhenExecutingAnActionWithoutAttributes_ThenException()
{
var executingContext = new ActionExecutingContext(
new ActionContext(new DefaultHttpContext(), new RouteData(), new ControllerActionDescriptor()
{
DisplayName = "Executing Context Test Descriptor"
}),
new List <IFilterMetadata>(),
_actionArguments,
FilterTestsHelper.CreateMockFhirController());
var descriptor = executingContext.ActionDescriptor as ControllerActionDescriptor;
descriptor.MethodInfo = typeof(FilterTestsHelper).GetMethod("MethodWithNoAttribute");
var excp = Assert.Throws <NotSupportedException>(() => _filter.OnActionExecuting(executingContext));
Assert.Contains(excp.Message, "Audit Event Sub Type is not set for method MethodWithNoAttribute.");
}
public void GivenAFhirRequest_WhenExecutingAnAnonymousAction_ThenLogAuditMustNotBeCalled()
{
var executingContext = new ActionExecutingContext(
new ActionContext(new DefaultHttpContext(), new RouteData(), new ControllerActionDescriptor()
{
DisplayName = "Executing Context Test Descriptor"
}),
new List <IFilterMetadata>(),
_actionArguments,
FilterTestsHelper.CreateMockFhirController());
var descriptor = executingContext.ActionDescriptor as ControllerActionDescriptor;
descriptor.MethodInfo = typeof(FilterTestsHelper).GetMethod("MethodWithAnonymousAttribute");
_filter.OnActionExecuting(executingContext);
_auditLogger.DidNotReceiveWithAnyArgs().LogAudit(Arg.Any <AuditAction>(), Arg.Any <string>(), Arg.Any <string>(), Arg.Any <Uri>(), Arg.Any <HttpStatusCode?>(), Arg.Any <string>(), Arg.Any <IReadOnlyCollection <KeyValuePair <string, string> > >());
_executedContext.ActionDescriptor = executingContext.ActionDescriptor;
_filter.OnResultExecuted(_executedContext);
_auditLogger.DidNotReceiveWithAnyArgs().LogAudit(Arg.Any <AuditAction>(), Arg.Any <string>(), Arg.Any <string>(), Arg.Any <Uri>(), Arg.Any <HttpStatusCode?>(), Arg.Any <string>(), Arg.Any <IReadOnlyCollection <KeyValuePair <string, string> > >());
}
public void GivenAFhirRequest_WhenExecutingAnValidAction_ThenLogAuditMustBeCalled()
{
var executingContext = new ActionExecutingContext(
new ActionContext(new DefaultHttpContext(), new RouteData(), new ControllerActionDescriptor()
{
DisplayName = "Executing Context Test Descriptor"
}),
new List <IFilterMetadata>(),
_actionArguments,
FilterTestsHelper.CreateMockFhirController());
var descriptor = executingContext.ActionDescriptor as ControllerActionDescriptor;
var claims = _claimsIndexer.Extract();
descriptor.MethodInfo = typeof(FilterTestsHelper).GetMethod("MethodWithAuditEventAttribute");
_filter.OnActionExecuting(executingContext);
_auditLogger.Received(1).LogAudit(AuditAction.Executing, _fhirRequestContext.RequestSubType.Code, null, _fhirRequestContext.Uri, null, _fhirRequestContext.CorrelationId, _claims);
_executedContext.ActionDescriptor = executingContext.ActionDescriptor;
_filter.OnResultExecuted(_executedContext);
_auditLogger.Received(2).LogAudit(Arg.Any <AuditAction>(), Arg.Any <string>(), Arg.Any <string>(), Arg.Any <Uri>(), Arg.Any <HttpStatusCode?>(), Arg.Any <string>(), Arg.Any <IReadOnlyCollection <KeyValuePair <string, string> > >());
_auditLogger.Received(1).LogAudit(AuditAction.Executed, _fhirRequestContext.RequestSubType.Code, _fhirResult.Resource.TypeName, _fhirRequestContext.Uri, _fhirResult.StatusCode, _fhirRequestContext.CorrelationId, _claims);
}