public void When_no_authorization_rules_have_been_configured_for_a_given_command_then_checks_are_unauthorized()
        {
            var customer = new Customer();
            var account = new CustomerAccount();
            var addEmail = new ChangeEmailAddress();

            customer.IsAuthorizedTo(addEmail, account)
                    .Should().Be(false);
        }
        public void AuthorizationPolicy_For_returns_an_instance_based_on_the_actual_rather_than_declared_type_of_the_principal()
        {
            AuthorizationFor<Customer>.ToApply<Cancel>.ToA<Order>
                                      .Requires((a, b, c) => true);
            IPrincipal iprincipal = new Customer();
            var customer = new Customer();
            var cancel = new Cancel();
            var order = new Order();

            iprincipal.IsAuthorizedTo(cancel, order).Should().Be(true);
            customer.IsAuthorizedTo(cancel, order).Should().Be(true);
        }
        public void IsDenied_overrides_other_authorizations()
        {
            AuthorizationFor<Customer>.ToApply<SuspendAccount>.ToA<CustomerAccount>.IsDenied();
            AuthorizationFor<Customer>.ToApplyAnyCommand.ToA<CustomerAccount>.Requires((c1, c2) => c1.Id == c2.Id);
           
            Guid customerId = Guid.NewGuid();
            var customerAccount = new CustomerAccount(customerId);
            var customerPrincipal = new Customer
            {
                Id = customerId,
                IsAuthenticated = true
            };

            customerPrincipal.IsAuthorizedTo(new ChangeEmailAddress(), customerAccount)
                             .Should().BeTrue();

            customerPrincipal.IsAuthorizedTo(new SuspendAccount(), customerAccount)
                             .Should().BeFalse();
        }
        public void The_event_Actor_is_set_from_the_Command_Principal()
        {
            // arrange
            var customer = new Customer(Any.FullName());
            var serviceRepresentative = new CustomerServiceRepresentative
            {
                Name = Any.FullName()
            };
            var command = new SpecifyShippingInfo
            {
                Principal = serviceRepresentative
            };

            var order = new Order(new CreateOrder(customer.Name)
            {
                Principal = customer
            });

            // act
            order.Apply(command);

            // assert
            order.Events()
                 .OfType<Order.Created>()
                 .Single()
                 .Actor()
                 .Should()
                 .Be(customer.Name);

            order.Events()
                 .OfType<Order.ShippingMethodSelected>()
                 .Single()
                 .Actor()
                 .Should()
                 .Be(serviceRepresentative.Name);
        }
        public void IsDenied_does_not_need_to_specify_a_resource_type_for_the_command()
        {
            AuthorizationFor<Customer>.ToApply<UnsuspendAccount>.IsDenied();
            AuthorizationFor<Customer>.ToApplyAnyCommand.ToA<CustomerAccount>.Requires((c1, c2) => c1.Id == c2.Id);

            Guid customerId = Guid.NewGuid();
            var customerAccount = new CustomerAccount(customerId);
            var customerPrincipal = new Customer
            {
                Id = customerId,
                IsAuthenticated = true
            };

            customerPrincipal.IsAuthorizedTo(new ChangeEmailAddress(), customerAccount)
                             .Should().BeTrue();

            customerPrincipal.IsAuthorizedTo(new UnsuspendAccount(), customerAccount)
                             .Should().BeFalse();
        }
        public void ToApplyAnyCommand_allows_an_authorization_rule_to_be_declared_for_all_commands_for_a_given_resource_type()
        {
            var principals = new List<IPrincipal>();
            var resources = new List<EventSourcedAggregate>();

            AuthorizationFor<Customer>.ToApplyAnyCommand.ToA<Order>
                                      .Requires((principal, resource) =>
                                      {
                                          principals.Add(principal);
                                          resources.Add(resource);
                                          return true;
                                      });

            var customer = new Customer();
            var order1 = new Order();
            var order2 = new Order();

            customer.IsAuthorizedTo(new Cancel(), order1)
                    .Should().BeTrue();
            customer.IsAuthorizedTo(new Place(), order2)
                    .Should().BeTrue();

            principals.Should().Contain(customer);
            resources.Should().Contain(order1);
            resources.Should().Contain(order2);
        }