From 3acea01501535bb58937a5cccb1b233bfdffd5d4 Mon Sep 17 00:00:00 2001 From: Andy Butland Date: Thu, 3 Dec 2020 12:22:31 +0100 Subject: [PATCH] Restored functionality and fixed tests for BackOfficeHandler. --- .../Authorization/BackOfficeHandlerTests.cs | 30 +++++++++++-------- .../Authorization/BackOfficeHandler.cs | 8 +++-- 2 files changed, 23 insertions(+), 15 deletions(-) diff --git a/src/Umbraco.Tests.UnitTests/Umbraco.Web.BackOffice/Authorization/BackOfficeHandlerTests.cs b/src/Umbraco.Tests.UnitTests/Umbraco.Web.BackOffice/Authorization/BackOfficeHandlerTests.cs index 9c339c628f..c959de86de 100644 --- a/src/Umbraco.Tests.UnitTests/Umbraco.Web.BackOffice/Authorization/BackOfficeHandlerTests.cs +++ b/src/Umbraco.Tests.UnitTests/Umbraco.Web.BackOffice/Authorization/BackOfficeHandlerTests.cs @@ -1,4 +1,4 @@ -using System.Collections.Generic; +using System.Collections.Generic; using System.Security.Claims; using System.Threading.Tasks; using Microsoft.AspNetCore.Authorization; @@ -37,7 +37,7 @@ namespace Umbraco.Tests.UnitTests.Umbraco.Web.BackOffice.Authorization } [Test] - public async Task Non_Validated_User_Is_Not_Authorized() + public async Task Unauthenticated_User_Is_Not_Authorized() { var authHandlerContext = CreateAuthorizationHandlerContext(); var sut = CreateHandler(); @@ -48,10 +48,10 @@ namespace Umbraco.Tests.UnitTests.Umbraco.Web.BackOffice.Authorization } [Test] - public async Task Validated_User_Is_Not_Authorized_When_Not_Approved_And_Approval_Required() + public async Task Authenticated_User_Is_Not_Authorized_When_Not_Approved_And_Approval_Required() { var authHandlerContext = CreateAuthorizationHandlerContext(requireApproval: true); - var sut = CreateHandler(requireApproval: true, isAuthenticated: true); + var sut = CreateHandler(currentUserIsAuthenticated: true); await sut.HandleAsync(authHandlerContext); 
@@ -59,10 +59,10 @@ namespace Umbraco.Tests.UnitTests.Umbraco.Web.BackOffice.Authorization } [Test] - public async Task Validated_User_Is_Authorized_When_Not_Approved_And_Approval_Not_Required() + public async Task Authenticated_User_Is_Authorized_When_Not_Approved_And_Approval_Not_Required() { var authHandlerContext = CreateAuthorizationHandlerContext(); - var sut = CreateHandler(isAuthenticated: true); + var sut = CreateHandler(currentUserIsAuthenticated: true); await sut.HandleAsync(authHandlerContext); @@ -70,10 +70,10 @@ namespace Umbraco.Tests.UnitTests.Umbraco.Web.BackOffice.Authorization } [Test] - public async Task Validated_User_Is_Authorized_When_Approved_And_Approval_Required() + public async Task Authenticated_User_Is_Authorized_When_Approved_And_Approval_Required() { var authHandlerContext = CreateAuthorizationHandlerContext(requireApproval: true); - var sut = CreateHandler(requireApproval: true, isAuthenticated: true, isApproved: true); + var sut = CreateHandler(currentUserIsAuthenticated: true, currentUserIsApproved: true); await sut.HandleAsync(authHandlerContext); 
@@ -88,22 +88,26 @@ namespace Umbraco.Tests.UnitTests.Umbraco.Web.BackOffice.Authorization return new AuthorizationHandlerContext(new List { requirement }, user, resource); } - private BackOfficeHandler CreateHandler(RuntimeLevel runtimeLevel = RuntimeLevel.Run, bool requireApproval = false, bool isAuthenticated = false, bool isApproved = false) + private BackOfficeHandler CreateHandler(RuntimeLevel runtimeLevel = RuntimeLevel.Run, bool currentUserIsAuthenticated = false, bool currentUserIsApproved = false) { - var mockBackOfficeSecurityAccessor = CreateMockBackOfficeSecurityAccessor(requireApproval, isAuthenticated, isApproved); + var mockBackOfficeSecurityAccessor = CreateMockBackOfficeSecurityAccessor(currentUserIsAuthenticated, currentUserIsApproved); var mockRuntimeState = CreateMockRuntimeState(runtimeLevel); return new BackOfficeHandler(mockBackOfficeSecurityAccessor.Object, mockRuntimeState.Object); } - private static Mock CreateMockBackOfficeSecurityAccessor(bool requireApproval, bool isAuthenticated, bool isApproved) + private static Mock CreateMockBackOfficeSecurityAccessor(bool currentUserIsAuthenticated, bool currentUserIsApproved) { var user = new UserBuilder() - .WithIsApproved(isApproved) + .WithIsApproved(currentUserIsApproved) .Build(); var mockBackOfficeSecurityAccessor = new Mock(); var mockBackOfficeSecurity = new Mock(); + mockBackOfficeSecurity.Setup(x => x.IsAuthenticated()).Returns(currentUserIsAuthenticated); + if (currentUserIsAuthenticated) + { + mockBackOfficeSecurity.Setup(x => x.CurrentUser).Returns(user); + } - mockBackOfficeSecurity.Setup(x => x.CurrentUser).Returns(user); mockBackOfficeSecurityAccessor = new Mock(); mockBackOfficeSecurityAccessor.Setup(x => x.BackOfficeSecurity).Returns(mockBackOfficeSecurity.Object); return mockBackOfficeSecurityAccessor; diff --git a/src/Umbraco.Web.BackOffice/Authorization/BackOfficeHandler.cs b/src/Umbraco.Web.BackOffice/Authorization/BackOfficeHandler.cs index 065f60b3db..f536483921 100644 
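Review bot: `CreateMockBackOfficeSecurityAccessor` still creates `mockBackOfficeSecurityAccessor` twice: the `var mockBackOfficeSecurityAccessor = new Mock();` declaration is overwritten by `mockBackOfficeSecurityAccessor = new Mock();` before any setup runs, so the second assignment can be deleted while this helper is being reworked. The `UserBuilder` chain is also evaluated when `currentUserIsAuthenticated` is false, although that user is then never returned; moving it inside the new `if` keeps the unauthenticated fixture free of user state. A short comment on the `if`, such as `// Unauthenticated: leave CurrentUser unset so the mock returns its default`, would record why the setup is conditional (the default is presumably null under Moq's loose behaviour).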
--- a/src/Umbraco.Web.BackOffice/Authorization/BackOfficeHandler.cs +++ b/src/Umbraco.Web.BackOffice/Authorization/BackOfficeHandler.cs @@ -1,6 +1,5 @@ -using Microsoft.AspNetCore.Authorization; -using System; using System.Threading.Tasks; +using Microsoft.AspNetCore.Authorization; using Umbraco.Core; using Umbraco.Core.Security; @@ -31,6 +30,11 @@ namespace Umbraco.Web.BackOffice.Authorization case RuntimeLevel.Upgrade: return Task.FromResult(true); default: + if (!_backOfficeSecurity.BackOfficeSecurity.IsAuthenticated()) + { + return Task.FromResult(false); + } + var userApprovalSucceeded = !requirement.RequireApproval || (_backOfficeSecurity.BackOfficeSecurity.CurrentUser?.IsApproved ?? false); return Task.FromResult(userApprovalSucceeded); }
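Review bot: The `IsAuthenticated()` guard is added only under `default:`, so `case RuntimeLevel.Upgrade:` directly above it (and any case label before it, outside the hunk) still returns `Task.FromResult(true)` for an unauthenticated caller. If that bypass is intended, say so in a comment above the cases, e.g. `// Authorization is deliberately skipped at these runtime levels; every other level requires an authenticated back-office user.`, so it is not mistaken for an oversight in a later review. In the default branch `_backOfficeSecurity.BackOfficeSecurity` is now read twice and dereferenced without a null check; if the accessor can return null (not visible here), reading it once and failing closed keeps the denial explicit: `var security = _backOfficeSecurity.BackOfficeSecurity;` followed by `if (security is null || !security.IsAuthenticated()) return Task.FromResult(false);`. The switch and the enclosing method start outside the hunk.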