public void OnAuthorization_Works_When_UserSignedIn_And_HasFunctionRight()
{
var authContext = FakeAuthorizationContext_UserSignedIn_And_DOCUMENTUPLOADER_FunctionRightAssigned();
var requiresAttribute = new RequiresAttribute();
requiresAttribute.FunctionRights = DOCUMENT_UPLOADER;// simulating [Requires(FunctionRights= "DocumentUploader")] ActionResult OnSomeMethod(){ }
// act
requiresAttribute.OnAuthorization(authContext);
// assert
Assert.IsNull(authContext.Result);
}
public void OnAuthorization_FailsWhen_UserNotSignedIn()
{
var authContext = FakeAuthorizationContext_UserNotSignedIn();
var requiresAttribute = new RequiresAttribute();
requiresAttribute.FunctionRights = DOCUMENT_UPLOADER;// simulating [Requires(FunctionRights= "DocumentUploader")] ActionResult OnSomeMethod(){ }
// act
requiresAttribute.OnAuthorization(authContext);
// assert
Assert.IsInstanceOf<HttpUnauthorizedResult>(authContext.Result);
}
public void OnAuthorization_FailsWhen_UserSignedIn_And_DoesNotHaveFunction_Assigned()
{
// arrange
var authContext = FakeAuthorizationContext_UserSignedIn_DOCUMENTUPLOADER_NotAssigned();
var requiresAttribute = new RequiresAttribute();
requiresAttribute.FunctionRights = DOCUMENT_UPLOADER;// simulating [Requires(FunctionRights= "DocumentUploader")] ActionResult OnSomeMethod(){ }
// act : NOTE that Asp.NET MVC will automatically call this employee
requiresAttribute.OnAuthorization(authContext);
// assert
Assert.IsInstanceOf<HttpUnauthorizedResult>(authContext.Result);
}