yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Restored functionality and fixed tests for BackOfficeHandler.

Browse Source
This commit is contained in:
Andy Butland
2020-12-03 12:22:31 +01:00
parent 2f537c6ec8
commit 3acea01501
2 changed files with 23 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
src/Umbraco.Tests.UnitTests/Umbraco.Web.BackOffice/Authorization/BackOfficeHandlerTests.cs
View File

@@ -1,4 +1,4 @@
using System.Collections.Generic;
using System.Collections.Generic;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
@@ -37,7 +37,7 @@ namespace Umbraco.Tests.UnitTests.Umbraco.Web.BackOffice.Authorization
}
[Test]
public async Task Non_Validated_User_Is_Not_Authorized()
public async Task Unauthenticated_User_Is_Not_Authorized()
{
var authHandlerContext = CreateAuthorizationHandlerContext();
var sut = CreateHandler();
@@ -48,10 +48,10 @@ namespace Umbraco.Tests.UnitTests.Umbraco.Web.BackOffice.Authorization
}
[Test]
public async Task Validated_User_Is_Not_Authorized_When_Not_Approved_And_Approval_Required()
public async Task Authenticated_User_Is_Not_Authorized_When_Not_Approved_And_Approval_Required()
{
var authHandlerContext = CreateAuthorizationHandlerContext(requireApproval: true);
var sut = CreateHandler(requireApproval: true, isAuthenticated: true);
var sut = CreateHandler(currentUserIsAuthenticated: true);
await sut.HandleAsync(authHandlerContext);
@@ -59,10 +59,10 @@ namespace Umbraco.Tests.UnitTests.Umbraco.Web.BackOffice.Authorization
}
[Test]
public async Task Validated_User_Is_Authorized_When_Not_Approved_And_Approval_Not_Required()
public async Task Authenticated_User_Is_Authorized_When_Not_Approved_And_Approval_Not_Required()
{
var authHandlerContext = CreateAuthorizationHandlerContext();
var sut = CreateHandler(isAuthenticated: true);
var sut = CreateHandler(currentUserIsAuthenticated: true);
await sut.HandleAsync(authHandlerContext);
@@ -70,10 +70,10 @@ namespace Umbraco.Tests.UnitTests.Umbraco.Web.BackOffice.Authorization
}
[Test]
public async Task Validated_User_Is_Authorized_When_Approved_And_Approval_Required()
public async Task Authenticated_User_Is_Authorized_When_Approved_And_Approval_Required()
{
var authHandlerContext = CreateAuthorizationHandlerContext(requireApproval: true);
var sut = CreateHandler(requireApproval: true, isAuthenticated: true, isApproved: true);
var sut = CreateHandler(currentUserIsAuthenticated: true, currentUserIsApproved: true);
await sut.HandleAsync(authHandlerContext);
@@ -88,22 +88,26 @@ namespace Umbraco.Tests.UnitTests.Umbraco.Web.BackOffice.Authorization
return new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement }, user, resource);
}
private BackOfficeHandler CreateHandler(RuntimeLevel runtimeLevel = RuntimeLevel.Run, bool requireApproval = false, bool isAuthenticated = false, bool isApproved = false)
private BackOfficeHandler CreateHandler(RuntimeLevel runtimeLevel = RuntimeLevel.Run, bool currentUserIsAuthenticated = false, bool currentUserIsApproved = false)
{
var mockBackOfficeSecurityAccessor = CreateMockBackOfficeSecurityAccessor(requireApproval, isAuthenticated, isApproved);
var mockBackOfficeSecurityAccessor = CreateMockBackOfficeSecurityAccessor(currentUserIsAuthenticated, currentUserIsApproved);
var mockRuntimeState = CreateMockRuntimeState(runtimeLevel);
return new BackOfficeHandler(mockBackOfficeSecurityAccessor.Object, mockRuntimeState.Object);
}
private static Mock<IBackOfficeSecurityAccessor> CreateMockBackOfficeSecurityAccessor(bool requireApproval, bool isAuthenticated, bool isApproved)
private static Mock<IBackOfficeSecurityAccessor> CreateMockBackOfficeSecurityAccessor(bool currentUserIsAuthenticated, bool currentUserIsApproved)
{
var user = new UserBuilder()
.WithIsApproved(isApproved)
.WithIsApproved(currentUserIsApproved)
.Build();
var mockBackOfficeSecurityAccessor = new Mock<IBackOfficeSecurityAccessor>();
var mockBackOfficeSecurity = new Mock<IBackOfficeSecurity>();
mockBackOfficeSecurity.Setup(x => x.IsAuthenticated()).Returns(currentUserIsAuthenticated);
if (currentUserIsAuthenticated)
{
mockBackOfficeSecurity.Setup(x => x.CurrentUser).Returns(user);
}
mockBackOfficeSecurity.Setup(x => x.CurrentUser).Returns(user);
mockBackOfficeSecurityAccessor = new Mock<IBackOfficeSecurityAccessor>();
mockBackOfficeSecurityAccessor.Setup(x => x.BackOfficeSecurity).Returns(mockBackOfficeSecurity.Object);
return mockBackOfficeSecurityAccessor;

8
src/Umbraco.Web.BackOffice/Authorization/BackOfficeHandler.cs
View File

@@ -1,6 +1,5 @@
using Microsoft.AspNetCore.Authorization;
using System;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Umbraco.Core;
using Umbraco.Core.Security;
@@ -31,6 +30,11 @@ namespace Umbraco.Web.BackOffice.Authorization
case RuntimeLevel.Upgrade:
return Task.FromResult(true);
default:
if (!_backOfficeSecurity.BackOfficeSecurity.IsAuthenticated())
{
return Task.FromResult(false);
}
var userApprovalSucceeded = !requirement.RequireApproval || (_backOfficeSecurity.BackOfficeSecurity.CurrentUser?.IsApproved ?? false);
return Task.FromResult(userApprovalSucceeded);
}