/// <summary>
/// Checks the cross-organisation case: the caller's PrimaryOrganisationId claim carries
/// <paramref name="organisationId1"/> while the filter under test is given
/// <paramref name="organisationId2"/>, and the filter must end with a <see cref="ForbidResult"/>.
/// </summary>
/// <param name="organisationId1">Value placed in the user's PrimaryOrganisationId claim.</param>
/// <param name="organisationId2">Value assigned to <c>TestFilter.Id</c>.</param>
/// <remarks>
/// NOTE(review): TestFilter presumably reports <c>Id</c> as the organisation that owns the
/// requested resource; confirm against its definition. The test is only meaningful when the
/// two ids differ, so the data source feeding the parameters should guarantee distinct values.
/// </remarks>
public static async Task OnAuthorizationAsync_UserHasDifferentPrimaryOrganisationId_ReturnsExpectedValue(
    string organisationId1,
    string organisationId2)
{
    // Action that opts in to organisation authorization and exposes the default parameter.
    var descriptor = new ActionDescriptor();
    descriptor.EndpointMetadata = new object[] { new AuthorizeOrganisationAttribute() };
    descriptor.Parameters = new ParameterDescriptor[]
    {
        new ParameterDescriptor { Name = DefaultActionMethodParameterName },
    };

    // Caller holds the ordering claim but belongs to organisationId1.
    var principal = ClaimsPrincipalBuilder.Create()
        .WithClaim(ApplicationClaimTypes.Ordering)
        .WithClaim(UserClaimTypes.PrimaryOrganisationId, organisationId1)
        .Build();

    var contextBuilder = AuthorizationFilterContextBuilder.Create()
        .WithActionDescription(descriptor)
        .WithRouteValue(DefaultRouteParameterName, null)
        .WithUser(principal);
    var filterContext = contextBuilder.Build();

    var sut = new TestFilter { Id = organisationId2 };

    await sut.OnAuthorizationAsync(filterContext);

    // A mismatch must be rejected outright rather than left for later pipeline stages.
    filterContext.Result.Should().NotBeNull().And.BeOfType<ForbidResult>();
}
/// <summary>
/// Checks the allowed case for <see cref="OrganisationIdOrganisationAuthorizationFilter"/>:
/// the route value and the caller's PrimaryOrganisationId claim both hold
/// <paramref name="organisationId"/>, and the filter must leave the context result unset.
/// </summary>
/// <param name="organisationId">Id used for both the claim and the route value.</param>
/// <param name="filter">Filter instance under test, supplied by the caller of the test.</param>
public static async Task OnAuthorizationAsync_UserHasSamePrimaryOrganisationId_ReturnsExpectedValue(
    string organisationId,
    OrganisationIdOrganisationAuthorizationFilter filter)
{
    const string routeKey = OrganisationIdOrganisationAuthorizationFilter.DefaultParameterName;

    // Action opts in via the attribute and declares the parameter the filter looks for.
    var descriptor = new ActionDescriptor();
    descriptor.EndpointMetadata = new object[] { new AuthorizeOrganisationAttribute() };
    descriptor.Parameters = new ParameterDescriptor[]
    {
        new ParameterDescriptor { Name = routeKey },
    };

    var principal = ClaimsPrincipalBuilder.Create()
        .WithClaim(ApplicationClaimTypes.Ordering)
        .WithClaim(UserClaimTypes.PrimaryOrganisationId, organisationId)
        .Build();

    var contextBuilder = AuthorizationFilterContextBuilder.Create()
        .WithActionDescription(descriptor)
        .WithRouteValue(routeKey, organisationId)
        .WithUser(principal);
    var filterContext = contextBuilder.Build();

    await filter.OnAuthorizationAsync(filterContext);

    // No result set means the filter did not short-circuit the request.
    filterContext.Result.Should().BeNull();
}
/// <summary>
/// Checks that a result supplied through <c>TestFilter.Result</c> replaces whatever result
/// the context already held: the context starts with an <see cref="OkResult"/> and must end
/// with the <see cref="NoContentResult"/> given to the filter.
/// </summary>
/// <remarks>
/// NOTE(review): TestFilter presumably hands <c>Result</c> back from the organisation lookup
/// hook of the base filter; confirm against its definition.
/// </remarks>
public static async Task OnAuthorizationAsync_ImplementationReturnsActionResult_ReturnsExpectedValue()
{
    var descriptor = new ActionDescriptor();
    descriptor.EndpointMetadata = new object[] { new AuthorizeOrganisationAttribute() };
    descriptor.Parameters = new ParameterDescriptor[]
    {
        new ParameterDescriptor { Name = DefaultActionMethodParameterName },
    };

    // Caller has the ordering claim but no organisation claim.
    var principal = ClaimsPrincipalBuilder.Create()
        .WithClaim(ApplicationClaimTypes.Ordering)
        .Build();

    var contextBuilder = AuthorizationFilterContextBuilder.Create()
        .WithActionDescription(descriptor)
        .WithRouteValue(DefaultRouteParameterName, null)
        .WithUser(principal);
    var filterContext = contextBuilder.Build();

    // Pre-existing result that the filter is expected to overwrite.
    filterContext.Result = new OkResult();

    var implementationResult = new NoContentResult();
    var sut = new TestFilter { Result = implementationResult };

    await sut.OnAuthorizationAsync(filterContext);

    filterContext.Result.Should().Be(implementationResult);
}
/// <summary>
/// Checks the allowed case for <see cref="OrderLookupOrganisationAuthorizationFilter"/>:
/// an order is stored, the caller's PrimaryOrganisationId claim is set to that order's
/// ordering-party id, the route carries the call-off id, and the filter must leave the
/// context result unset.
/// </summary>
/// <param name="dbContext">Database context the order is saved into before the filter runs.</param>
/// <param name="callOffId">Call-off id whose string form is used as the route value.</param>
/// <param name="order">Order persisted for the lookup.</param>
/// <param name="filter">Filter instance under test, supplied by the caller of the test.</param>
/// <remarks>
/// NOTE(review): the [Frozen] markers presumably make <paramref name="order"/> carry
/// <paramref name="callOffId"/> and make <paramref name="filter"/> share
/// <paramref name="dbContext"/>; confirm against the fixture customisations.
/// </remarks>
public static async Task OnAuthorizationAsync_UserHasSamePrimaryOrganisationId_ReturnsExpectedValue(
    [Frozen] ApplicationDbContext dbContext,
    [Frozen] CallOffId callOffId,
    Order order,
    OrderLookupOrganisationAuthorizationFilter filter)
{
    const string routeKey = OrderLookupOrganisationAuthorizationFilter.DefaultParameterName;

    // The order has to exist before the filter runs.
    dbContext.Order.Add(order);
    await dbContext.SaveChangesAsync();

    var descriptor = new ActionDescriptor();
    descriptor.EndpointMetadata = new object[] { new AuthorizeOrganisationAttribute() };
    descriptor.Parameters = new ParameterDescriptor[]
    {
        new ParameterDescriptor { Name = routeKey },
    };

    // Caller belongs to the organisation that is the order's ordering party.
    var owningOrganisationId = order.OrderingParty.Id.ToString();
    var principal = ClaimsPrincipalBuilder.Create()
        .WithClaim(ApplicationClaimTypes.Ordering)
        .WithClaim(UserClaimTypes.PrimaryOrganisationId, owningOrganisationId)
        .Build();

    var contextBuilder = AuthorizationFilterContextBuilder.Create()
        .WithActionDescription(descriptor)
        .WithRouteValue(routeKey, callOffId.ToString())
        .WithUser(principal);
    var filterContext = contextBuilder.Build();

    await filter.OnAuthorizationAsync(filterContext);

    // No result set means the filter did not short-circuit the request.
    filterContext.Result.Should().BeNull();
}
/// <summary>
/// Checks that the filter leaves an existing context result untouched when the context is
/// built without any action descriptor carrying <c>AuthorizeOrganisationAttribute</c>.
/// </summary>
/// <remarks>
/// Security-relevant reading: organisation checks are opt-in per action, so an action that
/// lacks the attribute gets no organisation check from this filter.
/// </remarks>
public static async Task OnAuthorizationAsync_NoAttribute_ReturnsExpectedValue()
{
    // Default context: no descriptor, route value or user is configured here.
    var filterContext = AuthorizationFilterContextBuilder.Create().Build();

    var existingResult = new OkResult();
    filterContext.Result = existingResult;

    var sut = new TestFilter();

    await sut.OnAuthorizationAsync(filterContext);

    filterContext.Result.Should().Be(existingResult);
}
/// <summary>
/// Checks that the filter sets no result when the action carries
/// <c>AuthorizeOrganisationAttribute</c> but its descriptor declares no parameters.
/// </summary>
/// <remarks>
/// NOTE(review): a null result means the request is not blocked by this filter. An action
/// that is decorated but has no matching parameter therefore appears to pass unchecked;
/// confirm that this is intended and not a silent misconfiguration path.
/// </remarks>
public static async Task OnAuthorizationAsync_NoParameter_ReturnsExpectedValue()
{
    // Attribute present, Parameters deliberately left unset.
    var descriptor = new ActionDescriptor();
    descriptor.EndpointMetadata = new object[] { new AuthorizeOrganisationAttribute() };

    var contextBuilder = AuthorizationFilterContextBuilder.Create()
        .WithActionDescription(descriptor);
    var filterContext = contextBuilder.Build();

    var sut = new TestFilter();

    await sut.OnAuthorizationAsync(filterContext);

    filterContext.Result.Should().BeNull();
}
/// <summary>
/// Checks that the filter sets no result when the caller is an empty
/// <see cref="ClaimsPrincipal"/>, i.e. one without the ordering claim.
/// </summary>
/// <remarks>
/// NOTE(review): a null result means this filter does not reject the request. Presumably a
/// separate policy or filter enforces the ordering claim; confirm, because otherwise a
/// principal without the claim would not be subject to the organisation check at all.
/// </remarks>
public static async Task OnAuthorizationAsync_UserHasNoOrderingClaim_ReturnsExpectedValue()
{
    var descriptor = new ActionDescriptor();
    descriptor.EndpointMetadata = new object[] { new AuthorizeOrganisationAttribute() };
    descriptor.Parameters = new ParameterDescriptor[]
    {
        new ParameterDescriptor { Name = DefaultActionMethodParameterName },
    };

    // Principal with no identities and therefore no claims.
    var claimlessPrincipal = new ClaimsPrincipal();

    var contextBuilder = AuthorizationFilterContextBuilder.Create()
        .WithActionDescription(descriptor)
        .WithUser(claimlessPrincipal);
    var filterContext = contextBuilder.Build();

    var sut = new TestFilter();

    await sut.OnAuthorizationAsync(filterContext);

    filterContext.Result.Should().BeNull();
}
/// <summary>
/// Checks that the value stored under the default route parameter is what the filter
/// implementation receives: after the call, <c>TestFilter.RouteValue</c> must equal
/// <paramref name="routeValue"/>.
/// </summary>
/// <param name="routeValue">Route value placed in the context before the filter runs.</param>
/// <remarks>
/// NOTE(review): TestFilter presumably records the argument passed to its lookup hook in
/// <c>RouteValue</c>; confirm against its definition.
/// </remarks>
public static async Task OnAuthorizationAsync_RouteValue_IsExpectedValue(string routeValue)
{
    var descriptor = new ActionDescriptor();
    descriptor.EndpointMetadata = new object[] { new AuthorizeOrganisationAttribute() };
    descriptor.Parameters = new ParameterDescriptor[]
    {
        new ParameterDescriptor { Name = DefaultActionMethodParameterName },
    };

    var principal = ClaimsPrincipalBuilder.Create()
        .WithClaim(ApplicationClaimTypes.Ordering)
        .Build();

    var contextBuilder = AuthorizationFilterContextBuilder.Create()
        .WithActionDescription(descriptor)
        .WithRouteValue(DefaultRouteParameterName, routeValue)
        .WithUser(principal);
    var filterContext = contextBuilder.Build();

    var sut = new TestFilter();

    await sut.OnAuthorizationAsync(filterContext);

    // The authorization decision depends on this value, so it must arrive unmodified.
    sut.RouteValue.Should().Be(routeValue);
}
/// <summary>
/// Checks that the filter leaves an existing context result untouched when the context is
/// built without an explicit user, even though the action carries the attribute and
/// declares the default parameter.
/// </summary>
/// <remarks>
/// NOTE(review): which principal the builder supplies when <c>WithUser</c> is not called is
/// not visible here. The filter does not reject in this case, so rejecting unauthenticated
/// callers is presumably handled elsewhere in the pipeline; confirm.
/// </remarks>
public static async Task OnAuthorizationAsync_NoUser_ReturnsExpectedValue()
{
    var descriptor = new ActionDescriptor();
    descriptor.EndpointMetadata = new object[] { new AuthorizeOrganisationAttribute() };
    descriptor.Parameters = new ParameterDescriptor[]
    {
        new ParameterDescriptor { Name = DefaultActionMethodParameterName },
    };

    // No WithUser call: the builder's default applies.
    var contextBuilder = AuthorizationFilterContextBuilder.Create()
        .WithActionDescription(descriptor);
    var filterContext = contextBuilder.Build();

    var existingResult = new OkResult();
    filterContext.Result = existingResult;

    var sut = new TestFilter();

    await sut.OnAuthorizationAsync(filterContext);

    filterContext.Result.Should().Be(existingResult);
}