yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
refactor/StringExtensions
Umbraco-CMS/tests/Umbraco.Tests.Integration/ManagementApi/Security/BackOfficeControllerTests.cs

85 lines
2.9 KiB
C#
Raw Permalink Normal View History

Auhorization: Cherrypicked integration tests from V15 (#20492) * V15 QA Added the authorization integration tests (#18419) * Added authorization integration tests * Removed unnecessary tests and update tests for preview controller * Updated to use the newest changes from v15/dev and added an override for the AuthenticateClientAsync to use the userGroupKey * Updated CompatibilitySuppressions to include changes from integration tests * Updated pipelines * Skips managementApi tests * Only run necessary tests * Added new schema per fixture to reduce test setup time * Fixed failing tests * Updated test setup * Updated test * Added suppression * Fixed failing tests * Updated addOnTeardown methods to protected * Added method for clearing the host * Added teardown * Updated model usage * Added a lot of cleanup for memory leak issues when running tests * Added CompatibilitySuppressions.xml * Updated tests * Cleaned up * Adjusted base classes * Updated pipeline * Updated CompatibilitySuppressions.xml * Updated test logging * Fixed reponse * Updated condition to skip tests * Updated tests, not done * Reworked test to expect correct responses with correct setup * Updated tests * More updates to tests * Updated tests * Cleaned up tests * Updated setup * Cleaned up tests to match setup * Cleaned up setup * Removed suppression * Fixed tests * Move order of checks * Fix naming * Formatting * Dispose of host * Keep track of if we're disposed * Compat suppression * Dont dispose * Fix failing tests * removed unused virtual * Updated CompatibilitySuppressions.xml --------- Co-authored-by: Andreas Zerbst <andr317c@live.dk> Co-authored-by: Zeegaan <skrivdetud@gmail.com> Co-authored-by: Nikolaj Geisle <70372949+Zeegaan@users.noreply.github.com> # Conflicts: # tests/Umbraco.Tests.Integration/CompatibilitySuppressions.xml # tests/Umbraco.Tests.Integration/ManagementApi/ManagementApiTest.cs # tests/Umbraco.Tests.Integration/ManagementApi/Policies/AllCultureControllerTests.cs # tests/Umbraco.Tests.Integration/ManagementApi/Policies/CreateDocumentTests.cs # tests/Umbraco.Tests.Integration/ManagementApi/Policies/UpdateDocumentTests.cs # tests/Umbraco.Tests.Integration/ManagementApi/Preview/EndPreviewTests.cs # tests/Umbraco.Tests.Integration/ManagementApi/Preview/EnterPreviewTests.cs # tests/Umbraco.Tests.Integration/TestServerTest/UmbracoTestServerTestBase.cs * Updated test * Updates * Removed unnessecary test --------- Co-authored-by: Nhu Dinh <150406148+nhudinh0309@users.noreply.github.com> Co-authored-by: Zeegaan <skrivdetud@gmail.com> Co-authored-by: Nikolaj Geisle <70372949+Zeegaan@users.noreply.github.com>
2025-10-14 12:04:10 +02:00
using System.Linq.Expressions;
using System.Net;
using System.Net.Http.Json;
using NUnit.Framework;
using Umbraco.Cms.Api.Management.Controllers.Security;
using Umbraco.Cms.Api.Management.ViewModels.Security;
using Umbraco.Cms.Core;
namespace Umbraco.Cms.Tests.Integration.ManagementApi.Security;
public class BackOfficeControllerTests : ManagementApiUserGroupTestBase<BackOfficeController>
{
protected override Expression<Func<BackOfficeController, object>> MethodSelector =>
x => x.Login(CancellationToken.None, null);
// Admin
[Test]
public override async Task As_Admin_I_Have_Specified_Access()
{
var response = await AuthorizedRequest(Constants.Security.AdminGroupKey, "Admin");
UserEmail += "Admin";
Assert.AreEqual(HttpStatusCode.OK, response.StatusCode, await response.Content.ReadAsStringAsync());
}
// Editor
[Test]
public override async Task As_Editor_I_Have_Specified_Access()
{
var response = await AuthorizedRequest(Constants.Security.EditorGroupKey, "Editor");
UserEmail += "Editor";
Assert.AreEqual(HttpStatusCode.OK, response.StatusCode, await response.Content.ReadAsStringAsync());
}
// SensitiveData
[Test]
public override async Task As_Sensitive_Data_I_Have_Specified_Access()
{
var response = await AuthorizedRequest(Constants.Security.SensitiveDataGroupKey, "SensitiveData");
UserEmail += "SensitiveData";
Assert.AreEqual(HttpStatusCode.OK, response.StatusCode, await response.Content.ReadAsStringAsync());
}
// Translator
[Test]
public override async Task As_Translator_I_Have_Specified_Access()
{
var response = await AuthorizedRequest(Constants.Security.TranslatorGroupKey, "Translator");
UserEmail += "Translator";
Assert.AreEqual(HttpStatusCode.OK, response.StatusCode, await response.Content.ReadAsStringAsync());
}
// Writer
[Test]
public override async Task As_Writer_I_Have_Specified_Access()
{
var response = await AuthorizedRequest(Constants.Security.WriterGroupKey, "Writer");
UserEmail += "Writer";
Assert.AreEqual(HttpStatusCode.OK, response.StatusCode, await response.Content.ReadAsStringAsync());
}
// Unauthorized
[Test]
public override async Task As_Unauthorized_I_Have_Specified_Access()
{
var response = await ClientRequest();
Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode, await response.Content.ReadAsStringAsync());
}
protected override async Task<HttpResponseMessage> ClientRequest()
{
LoginRequestModel loginRequestModel = new() { Username = UserEmail, Password = UserPassword };
return await Client.PostAsync(Url, JsonContent.Create(loginRequestModel));
}
protected override async Task AuthenticateUser(Guid userGroupKey, string groupName) =>
await AuthenticateClientAsync(Client, UserEmail, UserPassword, userGroupKey);
}
Reference in New Issue Copy Permalink