2023-05-03 16:40:24 +02:00
|
|
|
|
using System.Security.Claims;
|
|
|
|
|
using Bit.Api.SecretsManager.Controllers;
|
2023-02-09 15:58:05 +01:00
|
|
|
|
using Bit.Api.SecretsManager.Models.Request;
|
|
|
|
|
using Bit.Api.Test.SecretsManager.Enums;
|
|
|
|
|
using Bit.Core.Context;
|
|
|
|
|
using Bit.Core.Enums;
|
|
|
|
|
using Bit.Core.Exceptions;
|
2023-01-24 19:57:28 +01:00
|
|
|
|
using Bit.Core.SecretsManager.Commands.Projects.Interfaces;
|
|
|
|
|
using Bit.Core.SecretsManager.Entities;
|
2023-04-26 20:09:25 +02:00
|
|
|
|
using Bit.Core.SecretsManager.Models.Data;
|
2023-02-09 15:58:05 +01:00
|
|
|
|
using Bit.Core.SecretsManager.Repositories;
|
2023-01-20 16:33:11 +01:00
|
|
|
|
using Bit.Core.Services;
|
2023-01-24 19:57:28 +01:00
|
|
|
|
using Bit.Core.Test.SecretsManager.AutoFixture.ProjectsFixture;
|
2023-01-13 15:02:53 +01:00
|
|
|
|
using Bit.Test.Common.AutoFixture;
|
|
|
|
|
using Bit.Test.Common.AutoFixture.Attributes;
|
2023-02-09 15:58:05 +01:00
|
|
|
|
using Bit.Test.Common.Helpers;
|
2023-05-03 16:40:24 +02:00
|
|
|
|
using Microsoft.AspNetCore.Authorization;
|
2023-01-13 15:02:53 +01:00
|
|
|
|
using NSubstitute;
|
|
|
|
|
using Xunit;
|
|
|
|
|
|
2023-01-24 19:57:28 +01:00
|
|
|
|
namespace Bit.Api.Test.SecretsManager.Controllers;
|
2023-01-13 15:02:53 +01:00
|
|
|
|
|
|
|
|
|
[ControllerCustomize(typeof(ProjectsController))]
|
|
|
|
|
[SutProviderCustomize]
|
|
|
|
|
[ProjectCustomize]
|
|
|
|
|
[JsonDocumentCustomize]
|
|
|
|
|
public class ProjectsControllerTests
|
|
|
|
|
{
|
2023-02-09 15:58:05 +01:00
|
|
|
|
private static void SetupAdmin(SutProvider<ProjectsController> sutProvider, Guid organizationId)
|
|
|
|
|
{
|
|
|
|
|
sutProvider.GetDependency<ICurrentContext>().AccessSecretsManager(default).ReturnsForAnyArgs(true);
|
|
|
|
|
sutProvider.GetDependency<IUserService>().GetProperUserId(default).ReturnsForAnyArgs(Guid.NewGuid());
|
|
|
|
|
sutProvider.GetDependency<ICurrentContext>().OrganizationAdmin(organizationId).Returns(true);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private static void SetupUserWithPermission(SutProvider<ProjectsController> sutProvider, Guid organizationId)
|
|
|
|
|
{
|
|
|
|
|
sutProvider.GetDependency<ICurrentContext>().AccessSecretsManager(default).ReturnsForAnyArgs(true);
|
|
|
|
|
sutProvider.GetDependency<IUserService>().GetProperUserId(default).ReturnsForAnyArgs(Guid.NewGuid());
|
|
|
|
|
sutProvider.GetDependency<ICurrentContext>().OrganizationAdmin(organizationId).Returns(false);
|
|
|
|
|
sutProvider.GetDependency<ICurrentContext>().OrganizationUser(default).ReturnsForAnyArgs(true);
|
|
|
|
|
}
|
|
|
|
|
|
2023-01-13 15:02:53 +01:00
|
|
|
|
[Theory]
|
|
|
|
|
[BitAutoData]
|
2023-02-09 15:58:05 +01:00
|
|
|
|
public async void ListByOrganization_SmNotEnabled_Throws(SutProvider<ProjectsController> sutProvider, Guid data)
|
2023-01-13 15:02:53 +01:00
|
|
|
|
{
|
2023-02-09 15:58:05 +01:00
|
|
|
|
sutProvider.GetDependency<ICurrentContext>().AccessSecretsManager(data).Returns(false);
|
|
|
|
|
|
|
|
|
|
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.ListByOrganizationAsync(data));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
[Theory]
|
|
|
|
|
[BitAutoData(PermissionType.RunAsAdmin)]
|
|
|
|
|
[BitAutoData(PermissionType.RunAsUserWithPermission)]
|
|
|
|
|
public async void ListByOrganization_ReturnsEmptyList(PermissionType permissionType,
|
|
|
|
|
SutProvider<ProjectsController> sutProvider, Guid data)
|
|
|
|
|
{
|
|
|
|
|
switch (permissionType)
|
|
|
|
|
{
|
|
|
|
|
case PermissionType.RunAsAdmin:
|
|
|
|
|
SetupAdmin(sutProvider, data);
|
|
|
|
|
break;
|
|
|
|
|
case PermissionType.RunAsUserWithPermission:
|
|
|
|
|
SetupUserWithPermission(sutProvider, data);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var result = await sutProvider.Sut.ListByOrganizationAsync(data);
|
|
|
|
|
|
|
|
|
|
await sutProvider.GetDependency<IProjectRepository>().Received(1)
|
|
|
|
|
.GetManyByOrganizationIdAsync(Arg.Is(AssertHelper.AssertPropertyEqual(data)), Arg.Any<Guid>(),
|
|
|
|
|
Arg.Any<AccessClientType>());
|
|
|
|
|
Assert.Empty(result.Data);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
[Theory]
|
|
|
|
|
[BitAutoData(PermissionType.RunAsAdmin)]
|
|
|
|
|
[BitAutoData(PermissionType.RunAsUserWithPermission)]
|
|
|
|
|
public async void ListByOrganization_Success(PermissionType permissionType,
|
|
|
|
|
SutProvider<ProjectsController> sutProvider, Guid data, Project mockProject)
|
|
|
|
|
{
|
|
|
|
|
switch (permissionType)
|
|
|
|
|
{
|
|
|
|
|
case PermissionType.RunAsAdmin:
|
|
|
|
|
SetupAdmin(sutProvider, data);
|
|
|
|
|
break;
|
|
|
|
|
case PermissionType.RunAsUserWithPermission:
|
|
|
|
|
SetupUserWithPermission(sutProvider, data);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sutProvider.GetDependency<IProjectRepository>().GetManyByOrganizationIdAsync(default, default, default)
|
2023-04-26 20:09:25 +02:00
|
|
|
|
.ReturnsForAnyArgs(new List<ProjectPermissionDetails> { new() { Project = mockProject, Read = true, Write = true } });
|
2023-02-09 15:58:05 +01:00
|
|
|
|
|
|
|
|
|
var result = await sutProvider.Sut.ListByOrganizationAsync(data);
|
|
|
|
|
|
|
|
|
|
await sutProvider.GetDependency<IProjectRepository>().Received(1)
|
|
|
|
|
.GetManyByOrganizationIdAsync(Arg.Is(AssertHelper.AssertPropertyEqual(data)), Arg.Any<Guid>(),
|
|
|
|
|
Arg.Any<AccessClientType>());
|
|
|
|
|
Assert.NotEmpty(result.Data);
|
|
|
|
|
Assert.Single(result.Data);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
[Theory]
|
|
|
|
|
[BitAutoData]
|
2023-05-03 16:40:24 +02:00
|
|
|
|
public async void Create_NoAccess_Throws(SutProvider<ProjectsController> sutProvider,
|
|
|
|
|
Guid orgId, ProjectCreateRequestModel data)
|
2023-02-09 15:58:05 +01:00
|
|
|
|
{
|
2023-05-03 16:40:24 +02:00
|
|
|
|
sutProvider.GetDependency<IAuthorizationService>()
|
|
|
|
|
.AuthorizeAsync(Arg.Any<ClaimsPrincipal>(), data.ToProject(orgId),
|
|
|
|
|
Arg.Any<IEnumerable<IAuthorizationRequirement>>()).ReturnsForAnyArgs(AuthorizationResult.Failed());
|
|
|
|
|
sutProvider.GetDependency<IUserService>().GetProperUserId(default).ReturnsForAnyArgs(Guid.NewGuid());
|
|
|
|
|
|
|
|
|
|
var resultProject = data.ToProject(orgId);
|
|
|
|
|
|
|
|
|
|
sutProvider.GetDependency<ICreateProjectCommand>().CreateAsync(default, default)
|
|
|
|
|
.ReturnsForAnyArgs(resultProject);
|
2023-02-09 15:58:05 +01:00
|
|
|
|
|
|
|
|
|
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.CreateAsync(orgId, data));
|
|
|
|
|
await sutProvider.GetDependency<ICreateProjectCommand>().DidNotReceiveWithAnyArgs()
|
|
|
|
|
.CreateAsync(Arg.Any<Project>(), Arg.Any<Guid>());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
[Theory]
|
2023-05-03 16:40:24 +02:00
|
|
|
|
[BitAutoData]
|
|
|
|
|
public async void Create_Success(SutProvider<ProjectsController> sutProvider,
|
2023-02-09 15:58:05 +01:00
|
|
|
|
Guid orgId, ProjectCreateRequestModel data)
|
|
|
|
|
{
|
2023-05-03 16:40:24 +02:00
|
|
|
|
sutProvider.GetDependency<IAuthorizationService>()
|
|
|
|
|
.AuthorizeAsync(Arg.Any<ClaimsPrincipal>(), data.ToProject(orgId),
|
|
|
|
|
Arg.Any<IEnumerable<IAuthorizationRequirement>>()).ReturnsForAnyArgs(AuthorizationResult.Success());
|
|
|
|
|
sutProvider.GetDependency<IUserService>().GetProperUserId(default).ReturnsForAnyArgs(Guid.NewGuid());
|
2023-02-09 15:58:05 +01:00
|
|
|
|
|
|
|
|
|
var resultProject = data.ToProject(orgId);
|
2023-05-03 16:40:24 +02:00
|
|
|
|
|
2023-02-09 15:58:05 +01:00
|
|
|
|
sutProvider.GetDependency<ICreateProjectCommand>().CreateAsync(default, default)
|
|
|
|
|
.ReturnsForAnyArgs(resultProject);
|
|
|
|
|
|
|
|
|
|
await sutProvider.Sut.CreateAsync(orgId, data);
|
|
|
|
|
|
|
|
|
|
await sutProvider.GetDependency<ICreateProjectCommand>().Received(1)
|
|
|
|
|
.CreateAsync(Arg.Any<Project>(), Arg.Any<Guid>());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
[Theory]
|
2023-05-03 16:40:24 +02:00
|
|
|
|
[BitAutoData]
|
|
|
|
|
public async void Update_NoAccess_Throws(SutProvider<ProjectsController> sutProvider,
|
|
|
|
|
Guid userId, ProjectUpdateRequestModel data, Project existingProject)
|
2023-02-09 15:58:05 +01:00
|
|
|
|
{
|
2023-05-03 16:40:24 +02:00
|
|
|
|
sutProvider.GetDependency<IAuthorizationService>()
|
|
|
|
|
.AuthorizeAsync(Arg.Any<ClaimsPrincipal>(), data.ToProject(existingProject.Id),
|
|
|
|
|
Arg.Any<IEnumerable<IAuthorizationRequirement>>()).ReturnsForAnyArgs(AuthorizationResult.Failed());
|
|
|
|
|
sutProvider.GetDependency<IProjectRepository>().GetByIdAsync(existingProject.Id).ReturnsForAnyArgs(existingProject);
|
|
|
|
|
sutProvider.GetDependency<IUserService>().GetProperUserId(default).ReturnsForAnyArgs(userId);
|
|
|
|
|
|
|
|
|
|
var resultProject = data.ToProject(existingProject.Id);
|
|
|
|
|
sutProvider.GetDependency<IUpdateProjectCommand>().UpdateAsync(default)
|
|
|
|
|
.ReturnsForAnyArgs(resultProject);
|
2023-02-09 15:58:05 +01:00
|
|
|
|
|
2023-05-03 16:40:24 +02:00
|
|
|
|
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.UpdateAsync(existingProject.Id, data));
|
|
|
|
|
await sutProvider.GetDependency<IUpdateProjectCommand>().DidNotReceiveWithAnyArgs()
|
|
|
|
|
.UpdateAsync(Arg.Any<Project>());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
[Theory]
|
|
|
|
|
[BitAutoData]
|
|
|
|
|
public async void Update_Success(SutProvider<ProjectsController> sutProvider,
|
|
|
|
|
Guid userId, ProjectUpdateRequestModel data, Project existingProject)
|
|
|
|
|
{
|
|
|
|
|
sutProvider.GetDependency<IAuthorizationService>()
|
|
|
|
|
.AuthorizeAsync(Arg.Any<ClaimsPrincipal>(), data.ToProject(existingProject.Id),
|
|
|
|
|
Arg.Any<IEnumerable<IAuthorizationRequirement>>()).ReturnsForAnyArgs(AuthorizationResult.Success());
|
|
|
|
|
sutProvider.GetDependency<IProjectRepository>().GetByIdAsync(existingProject.Id).ReturnsForAnyArgs(existingProject);
|
|
|
|
|
sutProvider.GetDependency<IUserService>().GetProperUserId(default).ReturnsForAnyArgs(userId);
|
|
|
|
|
|
|
|
|
|
var resultProject = data.ToProject(existingProject.Id);
|
|
|
|
|
sutProvider.GetDependency<IUpdateProjectCommand>().UpdateAsync(default)
|
2023-02-09 15:58:05 +01:00
|
|
|
|
.ReturnsForAnyArgs(resultProject);
|
|
|
|
|
|
2023-05-03 16:40:24 +02:00
|
|
|
|
await sutProvider.Sut.UpdateAsync(existingProject.Id, data);
|
2023-02-09 15:58:05 +01:00
|
|
|
|
|
|
|
|
|
await sutProvider.GetDependency<IUpdateProjectCommand>().Received(1)
|
2023-05-03 16:40:24 +02:00
|
|
|
|
.UpdateAsync(Arg.Any<Project>());
|
2023-02-09 15:58:05 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
[Theory]
|
|
|
|
|
[BitAutoData]
|
2023-03-02 16:02:42 +01:00
|
|
|
|
public async void Get_SmNotEnabled_Throws(SutProvider<ProjectsController> sutProvider, Guid data, Guid orgId)
|
2023-02-09 15:58:05 +01:00
|
|
|
|
{
|
2023-03-02 16:02:42 +01:00
|
|
|
|
SetupAdmin(sutProvider, orgId);
|
|
|
|
|
sutProvider.GetDependency<ICurrentContext>().AccessSecretsManager(orgId).Returns(false);
|
2023-02-09 15:58:05 +01:00
|
|
|
|
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.GetAsync(data));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
[Theory]
|
|
|
|
|
[BitAutoData]
|
2023-03-02 16:02:42 +01:00
|
|
|
|
public async void Get_ThrowsNotFound(SutProvider<ProjectsController> sutProvider, Guid data, Guid orgId)
|
2023-02-09 15:58:05 +01:00
|
|
|
|
{
|
2023-03-02 16:02:42 +01:00
|
|
|
|
SetupAdmin(sutProvider, orgId);
|
2023-02-09 15:58:05 +01:00
|
|
|
|
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.GetAsync(data));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
[Theory]
|
|
|
|
|
[BitAutoData(PermissionType.RunAsAdmin)]
|
|
|
|
|
[BitAutoData(PermissionType.RunAsUserWithPermission)]
|
|
|
|
|
public async void Get_Success(PermissionType permissionType, SutProvider<ProjectsController> sutProvider,
|
|
|
|
|
Guid orgId, Guid data)
|
|
|
|
|
{
|
|
|
|
|
switch (permissionType)
|
|
|
|
|
{
|
|
|
|
|
case PermissionType.RunAsAdmin:
|
|
|
|
|
SetupAdmin(sutProvider, orgId);
|
|
|
|
|
break;
|
|
|
|
|
case PermissionType.RunAsUserWithPermission:
|
|
|
|
|
SetupUserWithPermission(sutProvider, orgId);
|
2023-04-26 20:09:25 +02:00
|
|
|
|
sutProvider.GetDependency<IProjectRepository>().AccessToProjectAsync(default, default, default)
|
|
|
|
|
.Returns((true, true));
|
2023-02-09 15:58:05 +01:00
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2023-03-09 18:23:50 +01:00
|
|
|
|
sutProvider.GetDependency<IProjectRepository>().GetByIdAsync(Arg.Is(data))
|
|
|
|
|
.ReturnsForAnyArgs(new Project { Id = data, OrganizationId = orgId });
|
|
|
|
|
|
|
|
|
|
sutProvider.GetDependency<IProjectRepository>().AccessToProjectAsync(default, default, default)
|
|
|
|
|
.ReturnsForAnyArgs((true, false));
|
2023-02-09 15:58:05 +01:00
|
|
|
|
|
|
|
|
|
await sutProvider.Sut.GetAsync(data);
|
|
|
|
|
|
|
|
|
|
await sutProvider.GetDependency<IProjectRepository>().Received(1)
|
2023-03-09 18:23:50 +01:00
|
|
|
|
.GetByIdAsync(Arg.Is(data));
|
2023-02-09 15:58:05 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
[Theory]
|
|
|
|
|
[BitAutoData]
|
|
|
|
|
public async void Get_UserWithoutPermission_Throws(SutProvider<ProjectsController> sutProvider, Guid orgId,
|
|
|
|
|
Guid data)
|
|
|
|
|
{
|
|
|
|
|
SetupUserWithPermission(sutProvider, orgId);
|
2023-04-26 20:09:25 +02:00
|
|
|
|
sutProvider.GetDependency<IProjectRepository>().AccessToProjectAsync(default, default, default)
|
|
|
|
|
.Returns((false, false));
|
2023-02-09 15:58:05 +01:00
|
|
|
|
|
|
|
|
|
sutProvider.GetDependency<IProjectRepository>().GetByIdAsync(Arg.Is(data))
|
|
|
|
|
.ReturnsForAnyArgs(new Project { Id = data, OrganizationId = orgId });
|
|
|
|
|
|
|
|
|
|
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.GetAsync(data));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
[Theory]
|
|
|
|
|
[BitAutoData]
|
|
|
|
|
public async void BulkDeleteProjects_Success(SutProvider<ProjectsController> sutProvider, List<Project> data)
|
|
|
|
|
{
|
|
|
|
|
sutProvider.GetDependency<IUserService>().GetProperUserId(default).ReturnsForAnyArgs(Guid.NewGuid());
|
|
|
|
|
var ids = data.Select(project => project.Id).ToList();
|
|
|
|
|
var mockResult = data.Select(project => new Tuple<Project, string>(project, "")).ToList();
|
|
|
|
|
|
2023-01-20 16:33:11 +01:00
|
|
|
|
sutProvider.GetDependency<IDeleteProjectCommand>().DeleteProjects(ids, default).ReturnsForAnyArgs(mockResult);
|
2023-01-13 15:02:53 +01:00
|
|
|
|
|
2023-01-31 18:38:53 +01:00
|
|
|
|
var results = await sutProvider.Sut.BulkDeleteAsync(ids);
|
2023-01-13 15:02:53 +01:00
|
|
|
|
await sutProvider.GetDependency<IDeleteProjectCommand>().Received(1)
|
2023-02-09 15:58:05 +01:00
|
|
|
|
.DeleteProjects(Arg.Is(ids), Arg.Any<Guid>());
|
2023-01-13 15:02:53 +01:00
|
|
|
|
Assert.Equal(data.Count, results.Data.Count());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
[Theory]
|
|
|
|
|
[BitAutoData]
|
2023-02-09 15:58:05 +01:00
|
|
|
|
public async void BulkDeleteProjects_NoGuids_ThrowsArgumentNullException(
|
|
|
|
|
SutProvider<ProjectsController> sutProvider)
|
2023-01-13 15:02:53 +01:00
|
|
|
|
{
|
2023-01-20 16:33:11 +01:00
|
|
|
|
sutProvider.GetDependency<IUserService>().GetProperUserId(default).ReturnsForAnyArgs(Guid.NewGuid());
|
2023-01-31 18:38:53 +01:00
|
|
|
|
await Assert.ThrowsAsync<ArgumentNullException>(() => sutProvider.Sut.BulkDeleteAsync(new List<Guid>()));
|
2023-01-13 15:02:53 +01:00
|
|
|
|
}
|
|
|
|
|
}
|