tests/Umbraco.Tests.UnitTests/Umbraco.Web.BackOffice/Authorization/SectionHandlerTests.cs

// Copyright (c) Umbraco.
// See LICENSE for more details.

using System.Collections.Generic;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Moq;
using NUnit.Framework;
using Umbraco.Cms.Core.Models.Membership;
using Umbraco.Cms.Core.Security;
using Umbraco.Cms.Tests.Common.Builders;
using Umbraco.Cms.Web.BackOffice.Authorization;
using Constants = Umbraco.Cms.Core.Constants;

namespace Umbraco.Cms.Tests.UnitTests.Umbraco.Web.BackOffice.Authorization
{
    public class SectionHandlerTests
    {
        [Test]
        public async Task Unauthorized_User_Is_Not_Authorized()
        {
            AuthorizationHandlerContext authHandlerContext = CreateAuthorizationHandlerContext();
            SectionHandler sut = CreateHandler();

            await sut.HandleAsync(authHandlerContext);

            Assert.IsFalse(authHandlerContext.HasSucceeded);
        }

        [Test]
        public async Task User_With_Section_Access_Is_Authorized()
        {
            AuthorizationHandlerContext authHandlerContext = CreateAuthorizationHandlerContext();
            SectionHandler sut = CreateHandler(userIsAuthorized: true, userCanAccessContentSection: true);

            await sut.HandleAsync(authHandlerContext);

            Assert.IsTrue(authHandlerContext.HasSucceeded);
        }

        [Test]
        public async Task User_Without_Section_Access_Is_Not_Authorized()
        {
            AuthorizationHandlerContext authHandlerContext = CreateAuthorizationHandlerContext();
            SectionHandler sut = CreateHandler(userIsAuthorized: true);

            await sut.HandleAsync(authHandlerContext);

            Assert.IsFalse(authHandlerContext.HasSucceeded);
        }

        private static AuthorizationHandlerContext CreateAuthorizationHandlerContext()
        {
            var requirement = new SectionRequirement(Constants.Applications.Content, Constants.Applications.Media);
            var user = new ClaimsPrincipal(new ClaimsIdentity(new List<Claim>()));
            object resource = new object();
            return new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement }, user, resource);
        }

        private SectionHandler CreateHandler(bool userIsAuthorized = false, bool userCanAccessContentSection = false)
        {
            Mock<IBackOfficeSecurityAccessor> mockBackOfficeSecurityAccessor = CreateMockBackOfficeSecurityAccessor(userIsAuthorized, userCanAccessContentSection);

            return new SectionHandler(mockBackOfficeSecurityAccessor.Object);
        }

        private static Mock<IBackOfficeSecurityAccessor> CreateMockBackOfficeSecurityAccessor(bool userIsAuthorized, bool userCanAccessContentSection)
        {
            User user = CreateUser();
            var mockBackOfficeSecurity = new Mock<IBackOfficeSecurity>();
            mockBackOfficeSecurity.SetupGet(x => x.CurrentUser).Returns(userIsAuthorized ? user : null);
            mockBackOfficeSecurity
                .Setup(x => x.UserHasSectionAccess(Constants.Applications.Content, It.Is<IUser>(y => y.Username == user.Username)))
                .Returns(userCanAccessContentSection);
            mockBackOfficeSecurity
                .Setup(x => x.UserHasSectionAccess(Constants.Applications.Media, It.Is<IUser>(y => y.Username == user.Username)))
                .Returns(false);
            var mockBackOfficeSecurityAccessor = new Mock<IBackOfficeSecurityAccessor>();
            mockBackOfficeSecurityAccessor.Setup(x => x.BackOfficeSecurity).Returns(mockBackOfficeSecurity.Object);
            return mockBackOfficeSecurityAccessor;
        }

        private static User CreateUser() =>
            new UserBuilder()
                .Build();
    }
}
Adhered to linting rules for authorization policy handlers, requirements and tests. 2020-12-06 09:13:29 +01:00			`// Copyright (c) Umbraco.`
			`// See LICENSE for more details.`

			`using System.Collections.Generic;`
Added tests for SectionHandler. 2020-12-02 19:04:43 +01:00			`using System.Security.Claims;`
			`using System.Threading.Tasks;`
			`using Microsoft.AspNetCore.Authorization;`
			`using Moq;`
			`using NUnit.Framework;`
Netcore: Align namespaces (#9801) * Rename Umbraco.Core namespace to Umbraco.Cms.Core * Move extension methods in core project to Umbraco.Extensions * Move extension methods in core project to Umbraco.Extensions * Rename Umbraco.Examine namespace to Umbraco.Cms.Examine * Move examine extensions to Umbraco.Extensions namespace * Reflect changed namespaces in Builder and fix unit tests * Adjust namespace in Umbraco.ModelsBuilder.Embedded * Adjust namespace in Umbraco.Persistence.SqlCe * Adjust namespace in Umbraco.PublishedCache.NuCache * Align namespaces in Umbraco.Web.BackOffice * Align namespaces in Umbraco.Web.Common * Ensure that SqlCeSupport is still enabled after changing the namespace * Align namespaces in Umbraco.Web.Website * Align namespaces in Umbraco.Web.UI.NetCore * Align namespaces in Umbraco.Tests.Common * Align namespaces in Umbraco.Tests.UnitTests * Align namespaces in Umbraco.Tests.Integration * Fix errors caused by changed namespaces * Fix integration tests * Undo the Umbraco.Examine.Lucene namespace change This breaks integration tests on linux, since the namespace wont exists there because it's only used on windows. * Fix merge * Fix Merge 2021-02-18 11:06:02 +01:00			`using Umbraco.Cms.Core.Models.Membership;`
			`using Umbraco.Cms.Core.Security;`
			`using Umbraco.Cms.Tests.Common.Builders;`
			`using Umbraco.Cms.Web.BackOffice.Authorization;`
			`using Constants = Umbraco.Cms.Core.Constants;`
Added tests for SectionHandler. 2020-12-02 19:04:43 +01:00
Netcore: Align namespaces (#9801) * Rename Umbraco.Core namespace to Umbraco.Cms.Core * Move extension methods in core project to Umbraco.Extensions * Move extension methods in core project to Umbraco.Extensions * Rename Umbraco.Examine namespace to Umbraco.Cms.Examine * Move examine extensions to Umbraco.Extensions namespace * Reflect changed namespaces in Builder and fix unit tests * Adjust namespace in Umbraco.ModelsBuilder.Embedded * Adjust namespace in Umbraco.Persistence.SqlCe * Adjust namespace in Umbraco.PublishedCache.NuCache * Align namespaces in Umbraco.Web.BackOffice * Align namespaces in Umbraco.Web.Common * Ensure that SqlCeSupport is still enabled after changing the namespace * Align namespaces in Umbraco.Web.Website * Align namespaces in Umbraco.Web.UI.NetCore * Align namespaces in Umbraco.Tests.Common * Align namespaces in Umbraco.Tests.UnitTests * Align namespaces in Umbraco.Tests.Integration * Fix errors caused by changed namespaces * Fix integration tests * Undo the Umbraco.Examine.Lucene namespace change This breaks integration tests on linux, since the namespace wont exists there because it's only used on windows. * Fix merge * Fix Merge 2021-02-18 11:06:02 +01:00			`namespace Umbraco.Cms.Tests.UnitTests.Umbraco.Web.BackOffice.Authorization`
Added tests for SectionHandler. 2020-12-02 19:04:43 +01:00			`{`
			`public class SectionHandlerTests`
			`{`
			`[Test]`
			`public async Task Unauthorized_User_Is_Not_Authorized()`
			`{`
Adhered to linting rules for authorization policy handlers, requirements and tests. 2020-12-06 09:13:29 +01:00			`AuthorizationHandlerContext authHandlerContext = CreateAuthorizationHandlerContext();`
			`SectionHandler sut = CreateHandler();`
Added tests for SectionHandler. 2020-12-02 19:04:43 +01:00
			`await sut.HandleAsync(authHandlerContext);`

			`Assert.IsFalse(authHandlerContext.HasSucceeded);`
			`}`

			`[Test]`
			`public async Task User_With_Section_Access_Is_Authorized()`
			`{`
Adhered to linting rules for authorization policy handlers, requirements and tests. 2020-12-06 09:13:29 +01:00			`AuthorizationHandlerContext authHandlerContext = CreateAuthorizationHandlerContext();`
			`SectionHandler sut = CreateHandler(userIsAuthorized: true, userCanAccessContentSection: true);`
Added tests for SectionHandler. 2020-12-02 19:04:43 +01:00
			`await sut.HandleAsync(authHandlerContext);`

			`Assert.IsTrue(authHandlerContext.HasSucceeded);`
			`}`

			`[Test]`
			`public async Task User_Without_Section_Access_Is_Not_Authorized()`
			`{`
Adhered to linting rules for authorization policy handlers, requirements and tests. 2020-12-06 09:13:29 +01:00			`AuthorizationHandlerContext authHandlerContext = CreateAuthorizationHandlerContext();`
			`SectionHandler sut = CreateHandler(userIsAuthorized: true);`
Added tests for SectionHandler. 2020-12-02 19:04:43 +01:00
			`await sut.HandleAsync(authHandlerContext);`

			`Assert.IsFalse(authHandlerContext.HasSucceeded);`
			`}`

			`private static AuthorizationHandlerContext CreateAuthorizationHandlerContext()`
			`{`
			`var requirement = new SectionRequirement(Constants.Applications.Content, Constants.Applications.Media);`
			`var user = new ClaimsPrincipal(new ClaimsIdentity(new List<Claim>()));`
Adhered to linting rules for authorization policy handlers, requirements and tests. 2020-12-06 09:13:29 +01:00			`object resource = new object();`
Added tests for SectionHandler. 2020-12-02 19:04:43 +01:00			`return new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement }, user, resource);`
			`}`

			`private SectionHandler CreateHandler(bool userIsAuthorized = false, bool userCanAccessContentSection = false)`
			`{`
Adhered to linting rules for authorization policy handlers, requirements and tests. 2020-12-06 09:13:29 +01:00			`Mock<IBackOfficeSecurityAccessor> mockBackOfficeSecurityAccessor = CreateMockBackOfficeSecurityAccessor(userIsAuthorized, userCanAccessContentSection);`
Added tests for SectionHandler. 2020-12-02 19:04:43 +01:00
			`return new SectionHandler(mockBackOfficeSecurityAccessor.Object);`
			`}`
Adhered to linting rules for authorization policy handlers, requirements and tests. 2020-12-06 09:13:29 +01:00
Added tests for SectionHandler. 2020-12-02 19:04:43 +01:00			`private static Mock<IBackOfficeSecurityAccessor> CreateMockBackOfficeSecurityAccessor(bool userIsAuthorized, bool userCanAccessContentSection)`
			`{`
Adhered to linting rules for authorization policy handlers, requirements and tests. 2020-12-06 09:13:29 +01:00			`User user = CreateUser();`
Added tests for SectionHandler. 2020-12-02 19:04:43 +01:00			`var mockBackOfficeSecurity = new Mock<IBackOfficeSecurity>();`
			`mockBackOfficeSecurity.SetupGet(x => x.CurrentUser).Returns(userIsAuthorized ? user : null);`
			`mockBackOfficeSecurity`
			`.Setup(x => x.UserHasSectionAccess(Constants.Applications.Content, It.Is<IUser>(y => y.Username == user.Username)))`
			`.Returns(userCanAccessContentSection);`
			`mockBackOfficeSecurity`
			`.Setup(x => x.UserHasSectionAccess(Constants.Applications.Media, It.Is<IUser>(y => y.Username == user.Username)))`
			`.Returns(false);`
			`var mockBackOfficeSecurityAccessor = new Mock<IBackOfficeSecurityAccessor>();`
			`mockBackOfficeSecurityAccessor.Setup(x => x.BackOfficeSecurity).Returns(mockBackOfficeSecurity.Object);`
			`return mockBackOfficeSecurityAccessor;`
			`}`

Adhered to linting rules for authorization policy handlers, requirements and tests. 2020-12-06 09:13:29 +01:00			`private static User CreateUser() =>`
			`new UserBuilder()`
Added tests for SectionHandler. 2020-12-02 19:04:43 +01:00			`.Build();`
			`}`
			`}`