mirror of
https://github.com/bitwarden/server.git
synced 2024-11-21 12:05:42 +01:00
[PM-11123] Service layer for Notification Center (#4741)
* PM-11123: Service layer * PM-11123: Service layer for Notification Center * PM-11123: Throw error on unsupported requirement * PM-11123: Missing await * PM-11123: Cleanup * PM-11123: Unit Test coverage * PM-11123: Flipping the authorization logic to be exact match of fail, formatting * PM-11123: Async warning * PM-11123: Using AuthorizeOrThrowAsync, removal of redundant set new id * PM-11123: UT typo * PM-11123: UT fix
This commit is contained in:
parent
9cb99298fc
commit
f3f81deb98
@ -0,0 +1,68 @@
|
|||||||
|
#nullable enable
|
||||||
|
using Bit.Core.Context;
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
using Microsoft.AspNetCore.Authorization;
|
||||||
|
|
||||||
|
namespace Bit.Core.NotificationCenter.Authorization;
|
||||||
|
|
||||||
|
public class NotificationAuthorizationHandler : AuthorizationHandler<NotificationOperationsRequirement, Notification>
|
||||||
|
{
|
||||||
|
private readonly ICurrentContext _currentContext;
|
||||||
|
|
||||||
|
public NotificationAuthorizationHandler(ICurrentContext currentContext)
|
||||||
|
{
|
||||||
|
_currentContext = currentContext;
|
||||||
|
}
|
||||||
|
|
||||||
|
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context,
|
||||||
|
NotificationOperationsRequirement requirement,
|
||||||
|
Notification notification)
|
||||||
|
{
|
||||||
|
if (!_currentContext.UserId.HasValue)
|
||||||
|
{
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
var authorized = requirement switch
|
||||||
|
{
|
||||||
|
not null when requirement == NotificationOperations.Read => CanRead(notification),
|
||||||
|
not null when requirement == NotificationOperations.Create => await CanCreate(notification),
|
||||||
|
not null when requirement == NotificationOperations.Update => await CanUpdate(notification),
|
||||||
|
_ => throw new ArgumentException("Unsupported operation requirement type provided.", nameof(requirement))
|
||||||
|
};
|
||||||
|
|
||||||
|
if (authorized)
|
||||||
|
{
|
||||||
|
context.Succeed(requirement);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private bool CanRead(Notification notification)
|
||||||
|
{
|
||||||
|
var userMatching = !notification.UserId.HasValue || notification.UserId.Value == _currentContext.UserId!.Value;
|
||||||
|
var organizationMatching = !notification.OrganizationId.HasValue ||
|
||||||
|
_currentContext.GetOrganization(notification.OrganizationId.Value) != null;
|
||||||
|
|
||||||
|
return notification.Global || (userMatching && organizationMatching);
|
||||||
|
}
|
||||||
|
|
||||||
|
private async Task<bool> CanCreate(Notification notification)
|
||||||
|
{
|
||||||
|
var organizationPermissionsMatching = !notification.OrganizationId.HasValue ||
|
||||||
|
await _currentContext.AccessReports(notification.OrganizationId.Value);
|
||||||
|
var userNoOrganizationMatching = !notification.UserId.HasValue || notification.OrganizationId.HasValue ||
|
||||||
|
notification.UserId.Value == _currentContext.UserId!.Value;
|
||||||
|
|
||||||
|
return !notification.Global && organizationPermissionsMatching && userNoOrganizationMatching;
|
||||||
|
}
|
||||||
|
|
||||||
|
private async Task<bool> CanUpdate(Notification notification)
|
||||||
|
{
|
||||||
|
var organizationPermissionsMatching = !notification.OrganizationId.HasValue ||
|
||||||
|
await _currentContext.AccessReports(notification.OrganizationId.Value);
|
||||||
|
var userNoOrganizationMatching = !notification.UserId.HasValue || notification.OrganizationId.HasValue ||
|
||||||
|
notification.UserId.Value == _currentContext.UserId!.Value;
|
||||||
|
|
||||||
|
return !notification.Global && organizationPermissionsMatching && userNoOrganizationMatching;
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,19 @@
|
|||||||
|
#nullable enable
|
||||||
|
using Microsoft.AspNetCore.Authorization.Infrastructure;
|
||||||
|
|
||||||
|
namespace Bit.Core.NotificationCenter.Authorization;
|
||||||
|
|
||||||
|
public class NotificationOperationsRequirement : OperationAuthorizationRequirement
|
||||||
|
{
|
||||||
|
public NotificationOperationsRequirement(string name)
|
||||||
|
{
|
||||||
|
Name = name;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public static class NotificationOperations
|
||||||
|
{
|
||||||
|
public static readonly NotificationOperationsRequirement Read = new(nameof(Read));
|
||||||
|
public static readonly NotificationOperationsRequirement Create = new(nameof(Create));
|
||||||
|
public static readonly NotificationOperationsRequirement Update = new(nameof(Update));
|
||||||
|
}
|
@ -0,0 +1,57 @@
|
|||||||
|
#nullable enable
|
||||||
|
using Bit.Core.Context;
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
using Microsoft.AspNetCore.Authorization;
|
||||||
|
|
||||||
|
namespace Bit.Core.NotificationCenter.Authorization;
|
||||||
|
|
||||||
|
public class NotificationStatusAuthorizationHandler : AuthorizationHandler<NotificationStatusOperationsRequirement,
|
||||||
|
NotificationStatus>
|
||||||
|
{
|
||||||
|
private readonly ICurrentContext _currentContext;
|
||||||
|
|
||||||
|
public NotificationStatusAuthorizationHandler(ICurrentContext currentContext)
|
||||||
|
{
|
||||||
|
_currentContext = currentContext;
|
||||||
|
}
|
||||||
|
|
||||||
|
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context,
|
||||||
|
NotificationStatusOperationsRequirement requirement,
|
||||||
|
NotificationStatus notificationStatus)
|
||||||
|
{
|
||||||
|
if (!_currentContext.UserId.HasValue)
|
||||||
|
{
|
||||||
|
return Task.CompletedTask;
|
||||||
|
}
|
||||||
|
|
||||||
|
var authorized = requirement switch
|
||||||
|
{
|
||||||
|
not null when requirement == NotificationStatusOperations.Read => CanRead(notificationStatus),
|
||||||
|
not null when requirement == NotificationStatusOperations.Create => CanCreate(notificationStatus),
|
||||||
|
not null when requirement == NotificationStatusOperations.Update => CanUpdate(notificationStatus),
|
||||||
|
_ => throw new ArgumentException("Unsupported operation requirement type provided.", nameof(requirement))
|
||||||
|
};
|
||||||
|
|
||||||
|
if (authorized)
|
||||||
|
{
|
||||||
|
context.Succeed(requirement);
|
||||||
|
}
|
||||||
|
|
||||||
|
return Task.CompletedTask;
|
||||||
|
}
|
||||||
|
|
||||||
|
private bool CanRead(NotificationStatus notificationStatus)
|
||||||
|
{
|
||||||
|
return notificationStatus.UserId == _currentContext.UserId!.Value;
|
||||||
|
}
|
||||||
|
|
||||||
|
private bool CanCreate(NotificationStatus notificationStatus)
|
||||||
|
{
|
||||||
|
return notificationStatus.UserId == _currentContext.UserId!.Value;
|
||||||
|
}
|
||||||
|
|
||||||
|
private bool CanUpdate(NotificationStatus notificationStatus)
|
||||||
|
{
|
||||||
|
return notificationStatus.UserId == _currentContext.UserId!.Value;
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,19 @@
|
|||||||
|
#nullable enable
|
||||||
|
using Microsoft.AspNetCore.Authorization.Infrastructure;
|
||||||
|
|
||||||
|
namespace Bit.Core.NotificationCenter.Authorization;
|
||||||
|
|
||||||
|
public class NotificationStatusOperationsRequirement : OperationAuthorizationRequirement
|
||||||
|
{
|
||||||
|
public NotificationStatusOperationsRequirement(string name)
|
||||||
|
{
|
||||||
|
Name = name;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public static class NotificationStatusOperations
|
||||||
|
{
|
||||||
|
public static readonly NotificationStatusOperationsRequirement Read = new(nameof(Read));
|
||||||
|
public static readonly NotificationStatusOperationsRequirement Create = new(nameof(Create));
|
||||||
|
public static readonly NotificationStatusOperationsRequirement Update = new(nameof(Update));
|
||||||
|
}
|
@ -0,0 +1,36 @@
|
|||||||
|
#nullable enable
|
||||||
|
using Bit.Core.Context;
|
||||||
|
using Bit.Core.NotificationCenter.Authorization;
|
||||||
|
using Bit.Core.NotificationCenter.Commands.Interfaces;
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
using Bit.Core.NotificationCenter.Repositories;
|
||||||
|
using Bit.Core.Utilities;
|
||||||
|
using Microsoft.AspNetCore.Authorization;
|
||||||
|
|
||||||
|
namespace Bit.Core.NotificationCenter.Commands;
|
||||||
|
|
||||||
|
public class CreateNotificationCommand : ICreateNotificationCommand
|
||||||
|
{
|
||||||
|
private readonly ICurrentContext _currentContext;
|
||||||
|
private readonly IAuthorizationService _authorizationService;
|
||||||
|
private readonly INotificationRepository _notificationRepository;
|
||||||
|
|
||||||
|
public CreateNotificationCommand(ICurrentContext currentContext,
|
||||||
|
IAuthorizationService authorizationService,
|
||||||
|
INotificationRepository notificationRepository)
|
||||||
|
{
|
||||||
|
_currentContext = currentContext;
|
||||||
|
_authorizationService = authorizationService;
|
||||||
|
_notificationRepository = notificationRepository;
|
||||||
|
}
|
||||||
|
|
||||||
|
public async Task<Notification> CreateAsync(Notification notification)
|
||||||
|
{
|
||||||
|
notification.CreationDate = notification.RevisionDate = DateTime.UtcNow;
|
||||||
|
|
||||||
|
await _authorizationService.AuthorizeOrThrowAsync(_currentContext.HttpContext.User, notification,
|
||||||
|
NotificationOperations.Create);
|
||||||
|
|
||||||
|
return await _notificationRepository.CreateAsync(notification);
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,47 @@
|
|||||||
|
#nullable enable
|
||||||
|
using Bit.Core.Context;
|
||||||
|
using Bit.Core.Exceptions;
|
||||||
|
using Bit.Core.NotificationCenter.Authorization;
|
||||||
|
using Bit.Core.NotificationCenter.Commands.Interfaces;
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
using Bit.Core.NotificationCenter.Repositories;
|
||||||
|
using Bit.Core.Utilities;
|
||||||
|
using Microsoft.AspNetCore.Authorization;
|
||||||
|
|
||||||
|
namespace Bit.Core.NotificationCenter.Commands;
|
||||||
|
|
||||||
|
public class CreateNotificationStatusCommand : ICreateNotificationStatusCommand
|
||||||
|
{
|
||||||
|
private readonly ICurrentContext _currentContext;
|
||||||
|
private readonly IAuthorizationService _authorizationService;
|
||||||
|
private readonly INotificationRepository _notificationRepository;
|
||||||
|
private readonly INotificationStatusRepository _notificationStatusRepository;
|
||||||
|
|
||||||
|
public CreateNotificationStatusCommand(ICurrentContext currentContext,
|
||||||
|
IAuthorizationService authorizationService,
|
||||||
|
INotificationRepository notificationRepository,
|
||||||
|
INotificationStatusRepository notificationStatusRepository)
|
||||||
|
{
|
||||||
|
_currentContext = currentContext;
|
||||||
|
_authorizationService = authorizationService;
|
||||||
|
_notificationRepository = notificationRepository;
|
||||||
|
_notificationStatusRepository = notificationStatusRepository;
|
||||||
|
}
|
||||||
|
|
||||||
|
public async Task<NotificationStatus> CreateAsync(NotificationStatus notificationStatus)
|
||||||
|
{
|
||||||
|
var notification = await _notificationRepository.GetByIdAsync(notificationStatus.NotificationId);
|
||||||
|
if (notification == null)
|
||||||
|
{
|
||||||
|
throw new NotFoundException();
|
||||||
|
}
|
||||||
|
|
||||||
|
await _authorizationService.AuthorizeOrThrowAsync(_currentContext.HttpContext.User, notification,
|
||||||
|
NotificationOperations.Read);
|
||||||
|
|
||||||
|
await _authorizationService.AuthorizeOrThrowAsync(_currentContext.HttpContext.User, notificationStatus,
|
||||||
|
NotificationStatusOperations.Create);
|
||||||
|
|
||||||
|
return await _notificationStatusRepository.CreateAsync(notificationStatus);
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,9 @@
|
|||||||
|
#nullable enable
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
|
||||||
|
namespace Bit.Core.NotificationCenter.Commands.Interfaces;
|
||||||
|
|
||||||
|
public interface ICreateNotificationCommand
|
||||||
|
{
|
||||||
|
Task<Notification> CreateAsync(Notification notification);
|
||||||
|
}
|
@ -0,0 +1,9 @@
|
|||||||
|
#nullable enable
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
|
||||||
|
namespace Bit.Core.NotificationCenter.Commands.Interfaces;
|
||||||
|
|
||||||
|
public interface ICreateNotificationStatusCommand
|
||||||
|
{
|
||||||
|
Task<NotificationStatus> CreateAsync(NotificationStatus notificationStatus);
|
||||||
|
}
|
@ -0,0 +1,7 @@
|
|||||||
|
#nullable enable
|
||||||
|
namespace Bit.Core.NotificationCenter.Commands.Interfaces;
|
||||||
|
|
||||||
|
public interface IMarkNotificationDeletedCommand
|
||||||
|
{
|
||||||
|
Task MarkDeletedAsync(Guid notificationId);
|
||||||
|
}
|
@ -0,0 +1,7 @@
|
|||||||
|
#nullable enable
|
||||||
|
namespace Bit.Core.NotificationCenter.Commands.Interfaces;
|
||||||
|
|
||||||
|
public interface IMarkNotificationReadCommand
|
||||||
|
{
|
||||||
|
Task MarkReadAsync(Guid notificationId);
|
||||||
|
}
|
@ -0,0 +1,9 @@
|
|||||||
|
#nullable enable
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
|
||||||
|
namespace Bit.Core.NotificationCenter.Commands.Interfaces;
|
||||||
|
|
||||||
|
public interface IUpdateNotificationCommand
|
||||||
|
{
|
||||||
|
Task UpdateAsync(Notification notification);
|
||||||
|
}
|
@ -0,0 +1,74 @@
|
|||||||
|
#nullable enable
|
||||||
|
using Bit.Core.Context;
|
||||||
|
using Bit.Core.Exceptions;
|
||||||
|
using Bit.Core.NotificationCenter.Authorization;
|
||||||
|
using Bit.Core.NotificationCenter.Commands.Interfaces;
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
using Bit.Core.NotificationCenter.Repositories;
|
||||||
|
using Bit.Core.Utilities;
|
||||||
|
using Microsoft.AspNetCore.Authorization;
|
||||||
|
|
||||||
|
namespace Bit.Core.NotificationCenter.Commands;
|
||||||
|
|
||||||
|
public class MarkNotificationDeletedCommand : IMarkNotificationDeletedCommand
|
||||||
|
{
|
||||||
|
private readonly ICurrentContext _currentContext;
|
||||||
|
private readonly IAuthorizationService _authorizationService;
|
||||||
|
private readonly INotificationRepository _notificationRepository;
|
||||||
|
private readonly INotificationStatusRepository _notificationStatusRepository;
|
||||||
|
|
||||||
|
public MarkNotificationDeletedCommand(ICurrentContext currentContext,
|
||||||
|
IAuthorizationService authorizationService,
|
||||||
|
INotificationRepository notificationRepository,
|
||||||
|
INotificationStatusRepository notificationStatusRepository)
|
||||||
|
{
|
||||||
|
_currentContext = currentContext;
|
||||||
|
_authorizationService = authorizationService;
|
||||||
|
_notificationRepository = notificationRepository;
|
||||||
|
_notificationStatusRepository = notificationStatusRepository;
|
||||||
|
}
|
||||||
|
|
||||||
|
public async Task MarkDeletedAsync(Guid notificationId)
|
||||||
|
{
|
||||||
|
if (!_currentContext.UserId.HasValue)
|
||||||
|
{
|
||||||
|
throw new NotFoundException();
|
||||||
|
}
|
||||||
|
|
||||||
|
var notification = await _notificationRepository.GetByIdAsync(notificationId);
|
||||||
|
if (notification == null)
|
||||||
|
{
|
||||||
|
throw new NotFoundException();
|
||||||
|
}
|
||||||
|
|
||||||
|
await _authorizationService.AuthorizeOrThrowAsync(_currentContext.HttpContext.User, notification,
|
||||||
|
NotificationOperations.Read);
|
||||||
|
|
||||||
|
var notificationStatus = await _notificationStatusRepository.GetByNotificationIdAndUserIdAsync(notificationId,
|
||||||
|
_currentContext.UserId.Value);
|
||||||
|
|
||||||
|
if (notificationStatus == null)
|
||||||
|
{
|
||||||
|
notificationStatus = new NotificationStatus()
|
||||||
|
{
|
||||||
|
NotificationId = notificationId,
|
||||||
|
UserId = _currentContext.UserId.Value,
|
||||||
|
DeletedDate = DateTime.Now
|
||||||
|
};
|
||||||
|
|
||||||
|
await _authorizationService.AuthorizeOrThrowAsync(_currentContext.HttpContext.User, notificationStatus,
|
||||||
|
NotificationStatusOperations.Create);
|
||||||
|
|
||||||
|
await _notificationStatusRepository.CreateAsync(notificationStatus);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
await _authorizationService.AuthorizeOrThrowAsync(_currentContext.HttpContext.User, notificationStatus,
|
||||||
|
NotificationStatusOperations.Update);
|
||||||
|
|
||||||
|
notificationStatus.DeletedDate = DateTime.UtcNow;
|
||||||
|
|
||||||
|
await _notificationStatusRepository.UpdateAsync(notificationStatus);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,74 @@
|
|||||||
|
#nullable enable
|
||||||
|
using Bit.Core.Context;
|
||||||
|
using Bit.Core.Exceptions;
|
||||||
|
using Bit.Core.NotificationCenter.Authorization;
|
||||||
|
using Bit.Core.NotificationCenter.Commands.Interfaces;
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
using Bit.Core.NotificationCenter.Repositories;
|
||||||
|
using Bit.Core.Utilities;
|
||||||
|
using Microsoft.AspNetCore.Authorization;
|
||||||
|
|
||||||
|
namespace Bit.Core.NotificationCenter.Commands;
|
||||||
|
|
||||||
|
public class MarkNotificationReadCommand : IMarkNotificationReadCommand
|
||||||
|
{
|
||||||
|
private readonly ICurrentContext _currentContext;
|
||||||
|
private readonly IAuthorizationService _authorizationService;
|
||||||
|
private readonly INotificationRepository _notificationRepository;
|
||||||
|
private readonly INotificationStatusRepository _notificationStatusRepository;
|
||||||
|
|
||||||
|
public MarkNotificationReadCommand(ICurrentContext currentContext,
|
||||||
|
IAuthorizationService authorizationService,
|
||||||
|
INotificationRepository notificationRepository,
|
||||||
|
INotificationStatusRepository notificationStatusRepository)
|
||||||
|
{
|
||||||
|
_currentContext = currentContext;
|
||||||
|
_authorizationService = authorizationService;
|
||||||
|
_notificationRepository = notificationRepository;
|
||||||
|
_notificationStatusRepository = notificationStatusRepository;
|
||||||
|
}
|
||||||
|
|
||||||
|
public async Task MarkReadAsync(Guid notificationId)
|
||||||
|
{
|
||||||
|
if (!_currentContext.UserId.HasValue)
|
||||||
|
{
|
||||||
|
throw new NotFoundException();
|
||||||
|
}
|
||||||
|
|
||||||
|
var notification = await _notificationRepository.GetByIdAsync(notificationId);
|
||||||
|
if (notification == null)
|
||||||
|
{
|
||||||
|
throw new NotFoundException();
|
||||||
|
}
|
||||||
|
|
||||||
|
await _authorizationService.AuthorizeOrThrowAsync(_currentContext.HttpContext.User, notification,
|
||||||
|
NotificationOperations.Read);
|
||||||
|
|
||||||
|
var notificationStatus = await _notificationStatusRepository.GetByNotificationIdAndUserIdAsync(notificationId,
|
||||||
|
_currentContext.UserId.Value);
|
||||||
|
|
||||||
|
if (notificationStatus == null)
|
||||||
|
{
|
||||||
|
notificationStatus = new NotificationStatus()
|
||||||
|
{
|
||||||
|
NotificationId = notificationId,
|
||||||
|
UserId = _currentContext.UserId.Value,
|
||||||
|
ReadDate = DateTime.Now
|
||||||
|
};
|
||||||
|
|
||||||
|
await _authorizationService.AuthorizeOrThrowAsync(_currentContext.HttpContext.User, notificationStatus,
|
||||||
|
NotificationStatusOperations.Create);
|
||||||
|
|
||||||
|
await _notificationStatusRepository.CreateAsync(notificationStatus);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
await _authorizationService.AuthorizeOrThrowAsync(_currentContext.HttpContext.User,
|
||||||
|
notificationStatus, NotificationStatusOperations.Update);
|
||||||
|
|
||||||
|
notificationStatus.ReadDate = DateTime.UtcNow;
|
||||||
|
|
||||||
|
await _notificationStatusRepository.UpdateAsync(notificationStatus);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,47 @@
|
|||||||
|
#nullable enable
|
||||||
|
using Bit.Core.Context;
|
||||||
|
using Bit.Core.Exceptions;
|
||||||
|
using Bit.Core.NotificationCenter.Authorization;
|
||||||
|
using Bit.Core.NotificationCenter.Commands.Interfaces;
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
using Bit.Core.NotificationCenter.Repositories;
|
||||||
|
using Bit.Core.Utilities;
|
||||||
|
using Microsoft.AspNetCore.Authorization;
|
||||||
|
|
||||||
|
namespace Bit.Core.NotificationCenter.Commands;
|
||||||
|
|
||||||
|
public class UpdateNotificationCommand : IUpdateNotificationCommand
|
||||||
|
{
|
||||||
|
private readonly ICurrentContext _currentContext;
|
||||||
|
private readonly IAuthorizationService _authorizationService;
|
||||||
|
private readonly INotificationRepository _notificationRepository;
|
||||||
|
|
||||||
|
public UpdateNotificationCommand(ICurrentContext currentContext,
|
||||||
|
IAuthorizationService authorizationService,
|
||||||
|
INotificationRepository notificationRepository)
|
||||||
|
{
|
||||||
|
_currentContext = currentContext;
|
||||||
|
_authorizationService = authorizationService;
|
||||||
|
_notificationRepository = notificationRepository;
|
||||||
|
}
|
||||||
|
|
||||||
|
public async Task UpdateAsync(Notification notificationToUpdate)
|
||||||
|
{
|
||||||
|
var notification = await _notificationRepository.GetByIdAsync(notificationToUpdate.Id);
|
||||||
|
if (notification == null)
|
||||||
|
{
|
||||||
|
throw new NotFoundException();
|
||||||
|
}
|
||||||
|
|
||||||
|
await _authorizationService.AuthorizeOrThrowAsync(_currentContext.HttpContext.User,
|
||||||
|
notification, NotificationOperations.Update);
|
||||||
|
|
||||||
|
notification.Priority = notificationToUpdate.Priority;
|
||||||
|
notification.ClientType = notificationToUpdate.ClientType;
|
||||||
|
notification.Title = notificationToUpdate.Title;
|
||||||
|
notification.Body = notificationToUpdate.Body;
|
||||||
|
notification.RevisionDate = DateTime.UtcNow;
|
||||||
|
|
||||||
|
await _notificationRepository.ReplaceAsync(notification);
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,47 @@
|
|||||||
|
#nullable enable
|
||||||
|
using Bit.Core.Context;
|
||||||
|
using Bit.Core.Exceptions;
|
||||||
|
using Bit.Core.NotificationCenter.Authorization;
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
using Bit.Core.NotificationCenter.Queries.Interfaces;
|
||||||
|
using Bit.Core.NotificationCenter.Repositories;
|
||||||
|
using Bit.Core.Utilities;
|
||||||
|
using Microsoft.AspNetCore.Authorization;
|
||||||
|
|
||||||
|
namespace Bit.Core.NotificationCenter.Queries;
|
||||||
|
|
||||||
|
public class GetNotificationStatusForUserQuery : IGetNotificationStatusForUserQuery
|
||||||
|
{
|
||||||
|
private readonly ICurrentContext _currentContext;
|
||||||
|
private readonly IAuthorizationService _authorizationService;
|
||||||
|
private readonly INotificationStatusRepository _notificationStatusRepository;
|
||||||
|
|
||||||
|
public GetNotificationStatusForUserQuery(ICurrentContext currentContext,
|
||||||
|
IAuthorizationService authorizationService,
|
||||||
|
INotificationStatusRepository notificationStatusRepository)
|
||||||
|
{
|
||||||
|
_currentContext = currentContext;
|
||||||
|
_authorizationService = authorizationService;
|
||||||
|
_notificationStatusRepository = notificationStatusRepository;
|
||||||
|
}
|
||||||
|
|
||||||
|
public async Task<NotificationStatus> GetByNotificationIdAndUserIdAsync(Guid notificationId)
|
||||||
|
{
|
||||||
|
if (!_currentContext.UserId.HasValue)
|
||||||
|
{
|
||||||
|
throw new NotFoundException();
|
||||||
|
}
|
||||||
|
|
||||||
|
var notificationStatus = await _notificationStatusRepository.GetByNotificationIdAndUserIdAsync(notificationId,
|
||||||
|
_currentContext.UserId.Value);
|
||||||
|
if (notificationStatus == null)
|
||||||
|
{
|
||||||
|
throw new NotFoundException();
|
||||||
|
}
|
||||||
|
|
||||||
|
await _authorizationService.AuthorizeOrThrowAsync(_currentContext.HttpContext.User,
|
||||||
|
notificationStatus, NotificationStatusOperations.Read);
|
||||||
|
|
||||||
|
return notificationStatus;
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,37 @@
|
|||||||
|
#nullable enable
|
||||||
|
using Bit.Core.Context;
|
||||||
|
using Bit.Core.Exceptions;
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
using Bit.Core.NotificationCenter.Models.Filter;
|
||||||
|
using Bit.Core.NotificationCenter.Queries.Interfaces;
|
||||||
|
using Bit.Core.NotificationCenter.Repositories;
|
||||||
|
using Bit.Core.Utilities;
|
||||||
|
|
||||||
|
namespace Bit.Core.NotificationCenter.Queries;
|
||||||
|
|
||||||
|
public class GetNotificationsForUserQuery : IGetNotificationsForUserQuery
|
||||||
|
{
|
||||||
|
private readonly ICurrentContext _currentContext;
|
||||||
|
private readonly INotificationRepository _notificationRepository;
|
||||||
|
|
||||||
|
public GetNotificationsForUserQuery(ICurrentContext currentContext,
|
||||||
|
INotificationRepository notificationRepository)
|
||||||
|
{
|
||||||
|
_currentContext = currentContext;
|
||||||
|
_notificationRepository = notificationRepository;
|
||||||
|
}
|
||||||
|
|
||||||
|
public async Task<IEnumerable<Notification>> GetByUserIdStatusFilterAsync(NotificationStatusFilter statusFilter)
|
||||||
|
{
|
||||||
|
if (!_currentContext.UserId.HasValue)
|
||||||
|
{
|
||||||
|
throw new NotFoundException();
|
||||||
|
}
|
||||||
|
|
||||||
|
var clientType = DeviceTypes.ToClientType(_currentContext.DeviceType);
|
||||||
|
|
||||||
|
// Note: only returns the user's notifications - no authorization check needed
|
||||||
|
return await _notificationRepository.GetByUserIdAndStatusAsync(_currentContext.UserId.Value, clientType,
|
||||||
|
statusFilter);
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,9 @@
|
|||||||
|
#nullable enable
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
|
||||||
|
namespace Bit.Core.NotificationCenter.Queries.Interfaces;
|
||||||
|
|
||||||
|
public interface IGetNotificationStatusForUserQuery
|
||||||
|
{
|
||||||
|
Task<NotificationStatus> GetByNotificationIdAndUserIdAsync(Guid notificationId);
|
||||||
|
}
|
@ -0,0 +1,10 @@
|
|||||||
|
#nullable enable
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
using Bit.Core.NotificationCenter.Models.Filter;
|
||||||
|
|
||||||
|
namespace Bit.Core.NotificationCenter.Queries.Interfaces;
|
||||||
|
|
||||||
|
public interface IGetNotificationsForUserQuery
|
||||||
|
{
|
||||||
|
Task<IEnumerable<Notification>> GetByUserIdStatusFilterAsync(NotificationStatusFilter statusFilter);
|
||||||
|
}
|
@ -0,0 +1,419 @@
|
|||||||
|
#nullable enable
|
||||||
|
using Bit.Core.Context;
|
||||||
|
using Bit.Core.Test.NotificationCenter.AutoFixture;
|
||||||
|
using Bit.Test.Common.AutoFixture;
|
||||||
|
using Bit.Test.Common.AutoFixture.Attributes;
|
||||||
|
|
||||||
|
namespace Bit.Core.Test.NotificationCenter.Authorization;
|
||||||
|
|
||||||
|
using System.Security.Claims;
|
||||||
|
using Bit.Core.NotificationCenter.Authorization;
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
using Microsoft.AspNetCore.Authorization;
|
||||||
|
using NSubstitute;
|
||||||
|
using Xunit;
|
||||||
|
|
||||||
|
[SutProviderCustomize]
|
||||||
|
[NotificationCustomize]
|
||||||
|
public class NotificationAuthorizationHandlerTests
|
||||||
|
{
|
||||||
|
private static void SetupUserPermission(SutProvider<NotificationAuthorizationHandler> sutProvider,
|
||||||
|
Guid? userId = null, Guid? organizationId = null, bool canAccessReports = false)
|
||||||
|
{
|
||||||
|
sutProvider.GetDependency<ICurrentContext>().UserId.Returns(userId);
|
||||||
|
sutProvider.GetDependency<ICurrentContext>().GetOrganization(organizationId.GetValueOrDefault(Guid.NewGuid()))
|
||||||
|
.Returns(new CurrentContextOrganization());
|
||||||
|
sutProvider.GetDependency<ICurrentContext>().AccessReports(organizationId.GetValueOrDefault(Guid.NewGuid()))
|
||||||
|
.Returns(canAccessReports);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task HandleAsync_UnsupportedNotificationOperationRequirement_Throws(
|
||||||
|
SutProvider<NotificationAuthorizationHandler> sutProvider,
|
||||||
|
Notification notification, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, Guid.NewGuid());
|
||||||
|
var requirement = new NotificationOperationsRequirement("UnsupportedOperation");
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notification);
|
||||||
|
|
||||||
|
await Assert.ThrowsAsync<ArgumentException>(() => sutProvider.Sut.HandleAsync(context));
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData(nameof(NotificationOperations.Read))]
|
||||||
|
[BitAutoData(nameof(NotificationOperations.Create))]
|
||||||
|
[BitAutoData(nameof(NotificationOperations.Update))]
|
||||||
|
public async Task HandleAsync_NotLoggedIn_Unauthorized(
|
||||||
|
string requirementName,
|
||||||
|
SutProvider<NotificationAuthorizationHandler> sutProvider,
|
||||||
|
Notification notification, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, userId: null);
|
||||||
|
var requirement = new NotificationOperationsRequirement(requirementName);
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notification);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.False(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData(nameof(NotificationOperations.Read))]
|
||||||
|
[BitAutoData(nameof(NotificationOperations.Create))]
|
||||||
|
[BitAutoData(nameof(NotificationOperations.Update))]
|
||||||
|
public async Task HandleAsync_ResourceEmpty_Unauthorized(
|
||||||
|
string requirementName,
|
||||||
|
SutProvider<NotificationAuthorizationHandler> sutProvider,
|
||||||
|
ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, Guid.NewGuid());
|
||||||
|
var requirement = new NotificationOperationsRequirement(requirementName);
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, null);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.False(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
[NotificationCustomize(global: true)]
|
||||||
|
public async Task HandleAsync_ReadRequirementGlobalNotification_Authorized(
|
||||||
|
SutProvider<NotificationAuthorizationHandler> sutProvider,
|
||||||
|
Notification notification, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, Guid.NewGuid());
|
||||||
|
|
||||||
|
var requirement = NotificationOperations.Read;
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notification);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.True(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData(false)]
|
||||||
|
[BitAutoData(true)]
|
||||||
|
[NotificationCustomize(global: false)]
|
||||||
|
public async Task HandleAsync_ReadRequirementUserNotMatching_Unauthorized(
|
||||||
|
bool hasOrganizationId,
|
||||||
|
SutProvider<NotificationAuthorizationHandler> sutProvider,
|
||||||
|
Notification notification, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, Guid.NewGuid(), notification.OrganizationId);
|
||||||
|
|
||||||
|
if (!hasOrganizationId)
|
||||||
|
{
|
||||||
|
notification.OrganizationId = null;
|
||||||
|
}
|
||||||
|
|
||||||
|
var requirement = NotificationOperations.Read;
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notification);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.False(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
[BitAutoData(false)]
|
||||||
|
[BitAutoData(true)]
|
||||||
|
[NotificationCustomize(global: false)]
|
||||||
|
public async Task HandleAsync_ReadRequirementOrganizationNotMatching_Unauthorized(
|
||||||
|
bool hasUserId,
|
||||||
|
SutProvider<NotificationAuthorizationHandler> sutProvider,
|
||||||
|
Notification notification, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, notification.UserId, Guid.NewGuid());
|
||||||
|
|
||||||
|
if (!hasUserId)
|
||||||
|
{
|
||||||
|
notification.UserId = null;
|
||||||
|
}
|
||||||
|
|
||||||
|
var requirement = NotificationOperations.Read;
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notification);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.False(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData(false, true)]
|
||||||
|
[BitAutoData(true, false)]
|
||||||
|
[BitAutoData(true, true)]
|
||||||
|
[NotificationCustomize(global: false)]
|
||||||
|
public async Task HandleAsync_ReadRequirement_Authorized(
|
||||||
|
bool hasUserId,
|
||||||
|
bool hasOrganizationId,
|
||||||
|
SutProvider<NotificationAuthorizationHandler> sutProvider,
|
||||||
|
Notification notification, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, notification.UserId, notification.OrganizationId);
|
||||||
|
|
||||||
|
if (!hasUserId)
|
||||||
|
{
|
||||||
|
notification.UserId = null;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!hasOrganizationId)
|
||||||
|
{
|
||||||
|
notification.OrganizationId = null;
|
||||||
|
}
|
||||||
|
|
||||||
|
var requirement = NotificationOperations.Read;
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notification);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.True(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
[NotificationCustomize(global: true)]
|
||||||
|
public async Task HandleAsync_CreateRequirementGlobalNotification_Unauthorized(
|
||||||
|
SutProvider<NotificationAuthorizationHandler> sutProvider,
|
||||||
|
Notification notification, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, Guid.NewGuid());
|
||||||
|
var requirement = NotificationOperations.Create;
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notification);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.False(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
[NotificationCustomize(global: false)]
|
||||||
|
public async Task HandleAsync_CreateRequirementUserNotMatching_Unauthorized(
|
||||||
|
SutProvider<NotificationAuthorizationHandler> sutProvider,
|
||||||
|
Notification notification, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, Guid.NewGuid(), notification.OrganizationId);
|
||||||
|
|
||||||
|
notification.OrganizationId = null;
|
||||||
|
|
||||||
|
var requirement = NotificationOperations.Create;
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notification);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.False(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
[NotificationCustomize(global: false)]
|
||||||
|
public async Task HandleAsync_CreateRequirementOrganizationNotMatching_Unauthorized(
|
||||||
|
SutProvider<NotificationAuthorizationHandler> sutProvider,
|
||||||
|
Notification notification, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, notification.UserId, Guid.NewGuid());
|
||||||
|
|
||||||
|
var requirement = NotificationOperations.Create;
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notification);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.False(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
[NotificationCustomize(global: false)]
|
||||||
|
public async Task HandleAsync_CreateRequirementOrganizationUserNoAccessReportsPermission_Unauthorized(
|
||||||
|
SutProvider<NotificationAuthorizationHandler> sutProvider,
|
||||||
|
Notification notification, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, notification.UserId, notification.OrganizationId, canAccessReports: false);
|
||||||
|
|
||||||
|
var requirement = NotificationOperations.Create;
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notification);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.False(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
[NotificationCustomize(global: false)]
|
||||||
|
public async Task HandleAsync_CreateRequirementUserNotPartOfOrganization_Authorized(
|
||||||
|
SutProvider<NotificationAuthorizationHandler> sutProvider,
|
||||||
|
Notification notification, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, notification.UserId);
|
||||||
|
|
||||||
|
notification.OrganizationId = null;
|
||||||
|
|
||||||
|
var requirement = NotificationOperations.Create;
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notification);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.True(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData(false)]
|
||||||
|
[BitAutoData(true)]
|
||||||
|
[NotificationCustomize(global: false)]
|
||||||
|
public async Task HandleAsync_CreateRequirementOrganizationUserCanAccessReports_Authorized(
|
||||||
|
bool hasUserId,
|
||||||
|
SutProvider<NotificationAuthorizationHandler> sutProvider,
|
||||||
|
Notification notification, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, notification.UserId, notification.OrganizationId, true);
|
||||||
|
|
||||||
|
if (!hasUserId)
|
||||||
|
{
|
||||||
|
notification.UserId = null;
|
||||||
|
}
|
||||||
|
|
||||||
|
var requirement = NotificationOperations.Create;
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notification);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.True(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
|
||||||
|
// TODO
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
[NotificationCustomize(global: true)]
|
||||||
|
public async Task HandleAsync_UpdateRequirementGlobalNotification_Unauthorized(
|
||||||
|
SutProvider<NotificationAuthorizationHandler> sutProvider,
|
||||||
|
Notification notification, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, Guid.NewGuid());
|
||||||
|
var requirement = NotificationOperations.Update;
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notification);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.False(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
[NotificationCustomize(global: false)]
|
||||||
|
public async Task HandleAsync_UpdateRequirementUserNotMatching_Unauthorized(
|
||||||
|
SutProvider<NotificationAuthorizationHandler> sutProvider,
|
||||||
|
Notification notification, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, Guid.NewGuid(), notification.OrganizationId);
|
||||||
|
|
||||||
|
notification.OrganizationId = null;
|
||||||
|
|
||||||
|
var requirement = NotificationOperations.Update;
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notification);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.False(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
[NotificationCustomize(global: false)]
|
||||||
|
public async Task HandleAsync_UpdateRequirementOrganizationNotMatching_Unauthorized(
|
||||||
|
SutProvider<NotificationAuthorizationHandler> sutProvider,
|
||||||
|
Notification notification, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, notification.UserId, Guid.NewGuid());
|
||||||
|
|
||||||
|
var requirement = NotificationOperations.Update;
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notification);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.False(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
[NotificationCustomize(global: false)]
|
||||||
|
public async Task HandleAsync_UpdateRequirementOrganizationUserNoAccessReportsPermission_Unauthorized(
|
||||||
|
SutProvider<NotificationAuthorizationHandler> sutProvider,
|
||||||
|
Notification notification, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, notification.UserId, notification.OrganizationId, canAccessReports: false);
|
||||||
|
|
||||||
|
var requirement = NotificationOperations.Update;
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notification);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.False(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
[NotificationCustomize(global: false)]
|
||||||
|
public async Task HandleAsync_UpdateRequirementUserNotPartOfOrganization_Authorized(
|
||||||
|
SutProvider<NotificationAuthorizationHandler> sutProvider,
|
||||||
|
Notification notification, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, notification.UserId);
|
||||||
|
|
||||||
|
notification.OrganizationId = null;
|
||||||
|
|
||||||
|
var requirement = NotificationOperations.Update;
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notification);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.True(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData(false)]
|
||||||
|
[BitAutoData(true)]
|
||||||
|
[NotificationCustomize(global: false)]
|
||||||
|
public async Task HandleAsync_UpdateRequirementOrganizationUserCanAccessReports_Authorized(
|
||||||
|
bool hasUserId,
|
||||||
|
SutProvider<NotificationAuthorizationHandler> sutProvider,
|
||||||
|
Notification notification, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, notification.UserId, notification.OrganizationId, true);
|
||||||
|
|
||||||
|
if (!hasUserId)
|
||||||
|
{
|
||||||
|
notification.UserId = null;
|
||||||
|
}
|
||||||
|
|
||||||
|
var requirement = NotificationOperations.Update;
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notification);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.True(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,179 @@
|
|||||||
|
#nullable enable
|
||||||
|
using Bit.Core.Context;
|
||||||
|
using Bit.Core.Test.NotificationCenter.AutoFixture;
|
||||||
|
using Bit.Test.Common.AutoFixture;
|
||||||
|
using Bit.Test.Common.AutoFixture.Attributes;
|
||||||
|
|
||||||
|
namespace Bit.Core.Test.NotificationCenter.Authorization;
|
||||||
|
|
||||||
|
using System.Security.Claims;
|
||||||
|
using Bit.Core.NotificationCenter.Authorization;
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
using Microsoft.AspNetCore.Authorization;
|
||||||
|
using NSubstitute;
|
||||||
|
using Xunit;
|
||||||
|
|
||||||
|
[SutProviderCustomize]
|
||||||
|
[NotificationStatusCustomize]
|
||||||
|
public class NotificationStatusAuthorizationHandlerTests
|
||||||
|
{
|
||||||
|
private static void SetupUserPermission(SutProvider<NotificationStatusAuthorizationHandler> sutProvider,
|
||||||
|
Guid? userId = null)
|
||||||
|
{
|
||||||
|
sutProvider.GetDependency<ICurrentContext>().UserId.Returns(userId);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task HandleAsync_UnsupportedNotificationOperationRequirement_Throws(
|
||||||
|
SutProvider<NotificationStatusAuthorizationHandler> sutProvider,
|
||||||
|
NotificationStatus notificationStatus, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, Guid.NewGuid());
|
||||||
|
var requirement = new NotificationStatusOperationsRequirement("UnsupportedOperation");
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notificationStatus);
|
||||||
|
|
||||||
|
await Assert.ThrowsAsync<ArgumentException>(() => sutProvider.Sut.HandleAsync(context));
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData(nameof(NotificationStatusOperations.Read))]
|
||||||
|
[BitAutoData(nameof(NotificationStatusOperations.Create))]
|
||||||
|
[BitAutoData(nameof(NotificationStatusOperations.Update))]
|
||||||
|
public async Task HandleAsync_NotLoggedIn_Unauthorized(
|
||||||
|
string requirementName,
|
||||||
|
SutProvider<NotificationStatusAuthorizationHandler> sutProvider,
|
||||||
|
NotificationStatus notificationStatus, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, userId: null);
|
||||||
|
var requirement = new NotificationStatusOperationsRequirement(requirementName);
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notificationStatus);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.False(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData(nameof(NotificationStatusOperations.Read))]
|
||||||
|
[BitAutoData(nameof(NotificationStatusOperations.Create))]
|
||||||
|
[BitAutoData(nameof(NotificationStatusOperations.Update))]
|
||||||
|
public async Task HandleAsync_ResourceEmpty_Unauthorized(
|
||||||
|
string requirementName,
|
||||||
|
SutProvider<NotificationStatusAuthorizationHandler> sutProvider,
|
||||||
|
ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, Guid.NewGuid());
|
||||||
|
var requirement = new NotificationStatusOperationsRequirement(requirementName);
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, null);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.False(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task HandleAsync_ReadRequirementUserNotMatching_Unauthorized(
|
||||||
|
SutProvider<NotificationStatusAuthorizationHandler> sutProvider,
|
||||||
|
NotificationStatus notificationStatus, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, Guid.NewGuid());
|
||||||
|
|
||||||
|
var requirement = NotificationStatusOperations.Read;
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notificationStatus);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.False(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task HandleAsync_ReadRequirement_Authorized(
|
||||||
|
SutProvider<NotificationStatusAuthorizationHandler> sutProvider,
|
||||||
|
NotificationStatus notificationStatus, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, notificationStatus.UserId);
|
||||||
|
|
||||||
|
var requirement = NotificationStatusOperations.Read;
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notificationStatus);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.True(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task HandleAsync_CreateRequirementUserNotMatching_Unauthorized(
|
||||||
|
SutProvider<NotificationStatusAuthorizationHandler> sutProvider,
|
||||||
|
NotificationStatus notificationStatus, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, Guid.NewGuid());
|
||||||
|
|
||||||
|
var requirement = NotificationStatusOperations.Create;
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notificationStatus);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.False(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task HandleAsync_CreateRequirement_Authorized(
|
||||||
|
SutProvider<NotificationStatusAuthorizationHandler> sutProvider,
|
||||||
|
NotificationStatus notificationStatus, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, notificationStatus.UserId);
|
||||||
|
|
||||||
|
var requirement = NotificationStatusOperations.Create;
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notificationStatus);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.True(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task HandleAsync_UpdateRequirementUserNotMatching_Unauthorized(
|
||||||
|
SutProvider<NotificationStatusAuthorizationHandler> sutProvider,
|
||||||
|
NotificationStatus notificationStatus, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, Guid.NewGuid());
|
||||||
|
|
||||||
|
var requirement = NotificationStatusOperations.Update;
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notificationStatus);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.False(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task HandleAsync_UpdateRequirement_Authorized(
|
||||||
|
SutProvider<NotificationStatusAuthorizationHandler> sutProvider,
|
||||||
|
NotificationStatus notificationStatus, ClaimsPrincipal claimsPrincipal)
|
||||||
|
{
|
||||||
|
SetupUserPermission(sutProvider, notificationStatus.UserId);
|
||||||
|
|
||||||
|
var requirement = NotificationStatusOperations.Update;
|
||||||
|
var context = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
|
||||||
|
claimsPrincipal, notificationStatus);
|
||||||
|
|
||||||
|
await sutProvider.Sut.HandleAsync(context);
|
||||||
|
|
||||||
|
Assert.True(context.HasSucceeded);
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,31 @@
|
|||||||
|
using AutoFixture;
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
using Bit.Test.Common.AutoFixture.Attributes;
|
||||||
|
|
||||||
|
namespace Bit.Core.Test.NotificationCenter.AutoFixture;
|
||||||
|
|
||||||
|
public class NotificationCustomization(bool global) : ICustomization
|
||||||
|
{
|
||||||
|
public void Customize(IFixture fixture)
|
||||||
|
{
|
||||||
|
fixture.Customize<Notification>(composer =>
|
||||||
|
{
|
||||||
|
var postprocessComposer = composer.With(n => n.Id, Guid.NewGuid())
|
||||||
|
.With(n => n.Global, global);
|
||||||
|
|
||||||
|
postprocessComposer = global
|
||||||
|
? postprocessComposer.Without(n => n.UserId)
|
||||||
|
: postprocessComposer.With(n => n.UserId, Guid.NewGuid());
|
||||||
|
|
||||||
|
return global
|
||||||
|
? postprocessComposer.Without(n => n.OrganizationId)
|
||||||
|
: postprocessComposer.With(n => n.OrganizationId, Guid.NewGuid());
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public class NotificationCustomizeAttribute(bool global = true)
|
||||||
|
: BitCustomizeAttribute
|
||||||
|
{
|
||||||
|
public override ICustomization GetCustomization() => new NotificationCustomization(global);
|
||||||
|
}
|
@ -0,0 +1,19 @@
|
|||||||
|
using AutoFixture;
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
using Bit.Test.Common.AutoFixture.Attributes;
|
||||||
|
|
||||||
|
namespace Bit.Core.Test.NotificationCenter.AutoFixture;
|
||||||
|
|
||||||
|
public class NotificationStatusCustomization : ICustomization
|
||||||
|
{
|
||||||
|
public void Customize(IFixture fixture)
|
||||||
|
{
|
||||||
|
fixture.Customize<NotificationStatus>(composer => composer.With(ns => ns.NotificationId, Guid.NewGuid())
|
||||||
|
.With(ns => ns.UserId, Guid.NewGuid()));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public class NotificationStatusCustomizeAttribute : BitCustomizeAttribute
|
||||||
|
{
|
||||||
|
public override ICustomization GetCustomization() => new NotificationStatusCustomization();
|
||||||
|
}
|
@ -0,0 +1,59 @@
|
|||||||
|
#nullable enable
|
||||||
|
using System.Security.Claims;
|
||||||
|
using Bit.Core.Exceptions;
|
||||||
|
using Bit.Core.NotificationCenter.Authorization;
|
||||||
|
using Bit.Core.NotificationCenter.Commands;
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
using Bit.Core.NotificationCenter.Repositories;
|
||||||
|
using Bit.Core.Test.NotificationCenter.AutoFixture;
|
||||||
|
using Bit.Test.Common.AutoFixture;
|
||||||
|
using Bit.Test.Common.AutoFixture.Attributes;
|
||||||
|
using Microsoft.AspNetCore.Authorization;
|
||||||
|
using NSubstitute;
|
||||||
|
using Xunit;
|
||||||
|
|
||||||
|
namespace Bit.Core.Test.NotificationCenter.Commands;
|
||||||
|
|
||||||
|
[SutProviderCustomize]
|
||||||
|
[NotificationCustomize]
|
||||||
|
public class CreateNotificationCommandTest
|
||||||
|
{
|
||||||
|
private static void Setup(SutProvider<CreateNotificationCommand> sutProvider,
|
||||||
|
Notification notification, bool authorized = false)
|
||||||
|
{
|
||||||
|
sutProvider.GetDependency<INotificationRepository>()
|
||||||
|
.CreateAsync(notification)
|
||||||
|
.Returns(notification);
|
||||||
|
sutProvider.GetDependency<IAuthorizationService>()
|
||||||
|
.AuthorizeAsync(Arg.Any<ClaimsPrincipal>(), notification,
|
||||||
|
Arg.Is<IEnumerable<IAuthorizationRequirement>>(reqs =>
|
||||||
|
reqs.Contains(NotificationOperations.Create)))
|
||||||
|
.Returns(authorized ? AuthorizationResult.Success() : AuthorizationResult.Failed());
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task CreateAsync_AuthorizationFailed_NotFoundException(
|
||||||
|
SutProvider<CreateNotificationCommand> sutProvider,
|
||||||
|
Notification notification)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notification, authorized: false);
|
||||||
|
|
||||||
|
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.CreateAsync(notification));
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task CreateAsync_Authorized_NotificationCreated(
|
||||||
|
SutProvider<CreateNotificationCommand> sutProvider,
|
||||||
|
Notification notification)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notification, true);
|
||||||
|
|
||||||
|
var newNotification = await sutProvider.Sut.CreateAsync(notification);
|
||||||
|
|
||||||
|
Assert.Equal(notification, newNotification);
|
||||||
|
Assert.Equal(DateTime.UtcNow, notification.CreationDate, TimeSpan.FromMinutes(1));
|
||||||
|
Assert.Equal(notification.CreationDate, notification.RevisionDate);
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,89 @@
|
|||||||
|
#nullable enable
|
||||||
|
using System.Security.Claims;
|
||||||
|
using Bit.Core.Exceptions;
|
||||||
|
using Bit.Core.NotificationCenter.Authorization;
|
||||||
|
using Bit.Core.NotificationCenter.Commands;
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
using Bit.Core.NotificationCenter.Repositories;
|
||||||
|
using Bit.Core.Test.NotificationCenter.AutoFixture;
|
||||||
|
using Bit.Test.Common.AutoFixture;
|
||||||
|
using Bit.Test.Common.AutoFixture.Attributes;
|
||||||
|
using Microsoft.AspNetCore.Authorization;
|
||||||
|
using NSubstitute;
|
||||||
|
using Xunit;
|
||||||
|
|
||||||
|
namespace Bit.Core.Test.NotificationCenter.Commands;
|
||||||
|
|
||||||
|
[SutProviderCustomize]
|
||||||
|
[NotificationCustomize]
|
||||||
|
[NotificationStatusCustomize]
|
||||||
|
public class CreateNotificationStatusCommandTest
|
||||||
|
{
|
||||||
|
private static void Setup(SutProvider<CreateNotificationStatusCommand> sutProvider,
|
||||||
|
Notification? notification, NotificationStatus notificationStatus,
|
||||||
|
bool authorizedNotification = false, bool authorizedCreate = false)
|
||||||
|
{
|
||||||
|
sutProvider.GetDependency<INotificationRepository>()
|
||||||
|
.GetByIdAsync(notificationStatus.NotificationId)
|
||||||
|
.Returns(notification);
|
||||||
|
sutProvider.GetDependency<INotificationStatusRepository>()
|
||||||
|
.CreateAsync(notificationStatus)
|
||||||
|
.Returns(notificationStatus);
|
||||||
|
sutProvider.GetDependency<IAuthorizationService>()
|
||||||
|
.AuthorizeAsync(Arg.Any<ClaimsPrincipal>(), notification ?? Arg.Any<Notification>(),
|
||||||
|
Arg.Is<IEnumerable<IAuthorizationRequirement>>(reqs =>
|
||||||
|
reqs.Contains(NotificationOperations.Read)))
|
||||||
|
.Returns(authorizedNotification ? AuthorizationResult.Success() : AuthorizationResult.Failed());
|
||||||
|
sutProvider.GetDependency<IAuthorizationService>()
|
||||||
|
.AuthorizeAsync(Arg.Any<ClaimsPrincipal>(), notificationStatus,
|
||||||
|
Arg.Is<IEnumerable<IAuthorizationRequirement>>(reqs =>
|
||||||
|
reqs.Contains(NotificationStatusOperations.Create)))
|
||||||
|
.Returns(authorizedCreate ? AuthorizationResult.Success() : AuthorizationResult.Failed());
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task CreateAsync_NotificationNotFound_NotFoundException(
|
||||||
|
SutProvider<CreateNotificationStatusCommand> sutProvider,
|
||||||
|
NotificationStatus notificationStatus)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notification: null, notificationStatus, true, true);
|
||||||
|
|
||||||
|
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.CreateAsync(notificationStatus));
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task CreateAsync_NotificationReadNotAuthorized_NotFoundException(
|
||||||
|
SutProvider<CreateNotificationStatusCommand> sutProvider,
|
||||||
|
Notification notification, NotificationStatus notificationStatus)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notification, notificationStatus, authorizedNotification: false, true);
|
||||||
|
|
||||||
|
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.CreateAsync(notificationStatus));
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task CreateAsync_CreateNotAuthorized_NotFoundException(
|
||||||
|
SutProvider<CreateNotificationStatusCommand> sutProvider,
|
||||||
|
Notification notification, NotificationStatus notificationStatus)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notification, notificationStatus, true, authorizedCreate: false);
|
||||||
|
|
||||||
|
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.CreateAsync(notificationStatus));
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task CreateAsync_NotificationFoundAuthorized_NotificationStatusCreated(
|
||||||
|
SutProvider<CreateNotificationStatusCommand> sutProvider,
|
||||||
|
Notification notification, NotificationStatus notificationStatus)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notification, notificationStatus, true, true);
|
||||||
|
|
||||||
|
var newNotificationStatus = await sutProvider.Sut.CreateAsync(notificationStatus);
|
||||||
|
|
||||||
|
Assert.Equal(notificationStatus, newNotificationStatus);
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,151 @@
|
|||||||
|
#nullable enable
|
||||||
|
using System.Security.Claims;
|
||||||
|
using Bit.Core.Context;
|
||||||
|
using Bit.Core.Exceptions;
|
||||||
|
using Bit.Core.NotificationCenter.Authorization;
|
||||||
|
using Bit.Core.NotificationCenter.Commands;
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
using Bit.Core.NotificationCenter.Repositories;
|
||||||
|
using Bit.Core.Test.NotificationCenter.AutoFixture;
|
||||||
|
using Bit.Test.Common.AutoFixture;
|
||||||
|
using Bit.Test.Common.AutoFixture.Attributes;
|
||||||
|
using Microsoft.AspNetCore.Authorization;
|
||||||
|
using NSubstitute;
|
||||||
|
using Xunit;
|
||||||
|
|
||||||
|
namespace Bit.Core.Test.NotificationCenter.Commands;
|
||||||
|
|
||||||
|
[SutProviderCustomize]
|
||||||
|
[NotificationCustomize]
|
||||||
|
[NotificationStatusCustomize]
|
||||||
|
public class MarkNotificationDeletedCommandTest
|
||||||
|
{
|
||||||
|
private static void Setup(SutProvider<MarkNotificationDeletedCommand> sutProvider,
|
||||||
|
Guid notificationId, Guid? userId, Notification? notification, NotificationStatus? notificationStatus,
|
||||||
|
bool authorizedNotification = false, bool authorizedCreate = false, bool authorizedUpdate = false)
|
||||||
|
{
|
||||||
|
sutProvider.GetDependency<ICurrentContext>().UserId.Returns(userId);
|
||||||
|
sutProvider.GetDependency<INotificationRepository>()
|
||||||
|
.GetByIdAsync(notificationId)
|
||||||
|
.Returns(notification);
|
||||||
|
sutProvider.GetDependency<INotificationStatusRepository>()
|
||||||
|
.GetByNotificationIdAndUserIdAsync(notificationId, userId ?? Arg.Any<Guid>())
|
||||||
|
.Returns(notificationStatus);
|
||||||
|
sutProvider.GetDependency<INotificationStatusRepository>()
|
||||||
|
.CreateAsync(Arg.Any<NotificationStatus>());
|
||||||
|
sutProvider.GetDependency<INotificationStatusRepository>()
|
||||||
|
.UpdateAsync(notificationStatus ?? Arg.Any<NotificationStatus>());
|
||||||
|
sutProvider.GetDependency<IAuthorizationService>()
|
||||||
|
.AuthorizeAsync(Arg.Any<ClaimsPrincipal>(), notification ?? Arg.Any<Notification>(),
|
||||||
|
Arg.Is<IEnumerable<IAuthorizationRequirement>>(reqs =>
|
||||||
|
reqs.Contains(NotificationOperations.Read)))
|
||||||
|
.Returns(authorizedNotification ? AuthorizationResult.Success() : AuthorizationResult.Failed());
|
||||||
|
sutProvider.GetDependency<IAuthorizationService>()
|
||||||
|
.AuthorizeAsync(Arg.Any<ClaimsPrincipal>(), notificationStatus ?? Arg.Any<NotificationStatus>(),
|
||||||
|
Arg.Is<IEnumerable<IAuthorizationRequirement>>(reqs =>
|
||||||
|
reqs.Contains(NotificationStatusOperations.Create)))
|
||||||
|
.Returns(authorizedCreate ? AuthorizationResult.Success() : AuthorizationResult.Failed());
|
||||||
|
sutProvider.GetDependency<IAuthorizationService>()
|
||||||
|
.AuthorizeAsync(Arg.Any<ClaimsPrincipal>(), notificationStatus ?? Arg.Any<NotificationStatus>(),
|
||||||
|
Arg.Is<IEnumerable<IAuthorizationRequirement>>(reqs =>
|
||||||
|
reqs.Contains(NotificationStatusOperations.Update)))
|
||||||
|
.Returns(authorizedUpdate ? AuthorizationResult.Success() : AuthorizationResult.Failed());
|
||||||
|
|
||||||
|
sutProvider.GetDependency<INotificationStatusRepository>().ClearReceivedCalls();
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task MarkDeletedAsync_NotLoggedIn_NotFoundException(
|
||||||
|
SutProvider<MarkNotificationDeletedCommand> sutProvider,
|
||||||
|
Guid notificationId, Notification notification, NotificationStatus notificationStatus)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notificationId, userId: null, notification, notificationStatus, true, true, true);
|
||||||
|
|
||||||
|
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.MarkDeletedAsync(notificationId));
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task MarkDeletedAsync_NotificationNotFound_NotFoundException(
|
||||||
|
SutProvider<MarkNotificationDeletedCommand> sutProvider,
|
||||||
|
Guid notificationId, Guid userId, NotificationStatus notificationStatus)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notificationId, userId, notification: null, notificationStatus, true, true, true);
|
||||||
|
|
||||||
|
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.MarkDeletedAsync(notificationId));
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task MarkDeletedAsync_ReadRequirementNotificationNotAuthorized_NotFoundException(
|
||||||
|
SutProvider<MarkNotificationDeletedCommand> sutProvider,
|
||||||
|
Guid notificationId, Guid userId, Notification notification, NotificationStatus notificationStatus)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notificationId, userId, notification, notificationStatus, authorizedNotification: false,
|
||||||
|
true, true);
|
||||||
|
|
||||||
|
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.MarkDeletedAsync(notificationId));
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task MarkDeletedAsync_CreateRequirementNotAuthorized_NotFoundException(
|
||||||
|
SutProvider<MarkNotificationDeletedCommand> sutProvider,
|
||||||
|
Guid notificationId, Guid userId, Notification notification)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notificationId, userId, notification, notificationStatus: null, true,
|
||||||
|
authorizedCreate: false, true);
|
||||||
|
|
||||||
|
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.MarkDeletedAsync(notificationId));
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task MarkDeletedAsync_UpdateRequirementNotAuthorized_NotFoundException(
|
||||||
|
SutProvider<MarkNotificationDeletedCommand> sutProvider,
|
||||||
|
Guid notificationId, Guid userId, Notification notification, NotificationStatus notificationStatus)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notificationId, userId, notification, notificationStatus, true, true,
|
||||||
|
authorizedUpdate: false);
|
||||||
|
|
||||||
|
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.MarkDeletedAsync(notificationId));
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task MarkDeletedAsync_NotificationStatusNotFoundCreateAuthorized_NotificationStatusCreated(
|
||||||
|
SutProvider<MarkNotificationDeletedCommand> sutProvider,
|
||||||
|
Guid notificationId, Guid userId, Notification notification)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notificationId, userId, notification, notificationStatus: null, true, true, true);
|
||||||
|
|
||||||
|
await sutProvider.Sut.MarkDeletedAsync(notificationId);
|
||||||
|
|
||||||
|
await sutProvider.GetDependency<INotificationStatusRepository>().Received(1)
|
||||||
|
.CreateAsync(Arg.Is<NotificationStatus>(ns =>
|
||||||
|
ns.NotificationId == notificationId && ns.UserId == userId && !ns.ReadDate.HasValue &&
|
||||||
|
ns.DeletedDate.HasValue && DateTime.UtcNow - ns.DeletedDate.Value < TimeSpan.FromMinutes(1)));
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task MarkDeletedAsync_NotificationStatusFoundCreateAuthorized_NotificationStatusUpdated(
|
||||||
|
SutProvider<MarkNotificationDeletedCommand> sutProvider,
|
||||||
|
Guid notificationId, Guid userId, Notification notification, NotificationStatus notificationStatus)
|
||||||
|
{
|
||||||
|
var deletedDate = notificationStatus.DeletedDate;
|
||||||
|
|
||||||
|
Setup(sutProvider, notificationId, userId, notification, notificationStatus, true, true, true);
|
||||||
|
|
||||||
|
await sutProvider.Sut.MarkDeletedAsync(notificationId);
|
||||||
|
|
||||||
|
await sutProvider.GetDependency<INotificationStatusRepository>().Received(1)
|
||||||
|
.UpdateAsync(Arg.Is<NotificationStatus>(ns =>
|
||||||
|
ns.Equals(notificationStatus) &&
|
||||||
|
ns.NotificationId == notificationStatus.NotificationId && ns.UserId == notificationStatus.UserId &&
|
||||||
|
ns.ReadDate == notificationStatus.ReadDate && ns.DeletedDate != deletedDate &&
|
||||||
|
ns.DeletedDate.HasValue &&
|
||||||
|
DateTime.UtcNow - ns.DeletedDate.Value < TimeSpan.FromMinutes(1)));
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,151 @@
|
|||||||
|
#nullable enable
|
||||||
|
using System.Security.Claims;
|
||||||
|
using Bit.Core.Context;
|
||||||
|
using Bit.Core.Exceptions;
|
||||||
|
using Bit.Core.NotificationCenter.Authorization;
|
||||||
|
using Bit.Core.NotificationCenter.Commands;
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
using Bit.Core.NotificationCenter.Repositories;
|
||||||
|
using Bit.Core.Test.NotificationCenter.AutoFixture;
|
||||||
|
using Bit.Test.Common.AutoFixture;
|
||||||
|
using Bit.Test.Common.AutoFixture.Attributes;
|
||||||
|
using Microsoft.AspNetCore.Authorization;
|
||||||
|
using NSubstitute;
|
||||||
|
using Xunit;
|
||||||
|
|
||||||
|
namespace Bit.Core.Test.NotificationCenter.Commands;
|
||||||
|
|
||||||
|
[SutProviderCustomize]
|
||||||
|
[NotificationCustomize]
|
||||||
|
[NotificationStatusCustomize]
|
||||||
|
public class MarkNotificationReadCommandTest
|
||||||
|
{
|
||||||
|
private static void Setup(SutProvider<MarkNotificationReadCommand> sutProvider,
|
||||||
|
Guid notificationId, Guid? userId, Notification? notification, NotificationStatus? notificationStatus,
|
||||||
|
bool authorizedNotification = false, bool authorizedCreate = false, bool authorizedUpdate = false)
|
||||||
|
{
|
||||||
|
sutProvider.GetDependency<ICurrentContext>().UserId.Returns(userId);
|
||||||
|
sutProvider.GetDependency<INotificationRepository>()
|
||||||
|
.GetByIdAsync(notificationId)
|
||||||
|
.Returns(notification);
|
||||||
|
sutProvider.GetDependency<INotificationStatusRepository>()
|
||||||
|
.GetByNotificationIdAndUserIdAsync(notificationId, userId ?? Arg.Any<Guid>())
|
||||||
|
.Returns(notificationStatus);
|
||||||
|
sutProvider.GetDependency<INotificationStatusRepository>()
|
||||||
|
.CreateAsync(Arg.Any<NotificationStatus>());
|
||||||
|
sutProvider.GetDependency<INotificationStatusRepository>()
|
||||||
|
.UpdateAsync(notificationStatus ?? Arg.Any<NotificationStatus>());
|
||||||
|
sutProvider.GetDependency<IAuthorizationService>()
|
||||||
|
.AuthorizeAsync(Arg.Any<ClaimsPrincipal>(), notification ?? Arg.Any<Notification>(),
|
||||||
|
Arg.Is<IEnumerable<IAuthorizationRequirement>>(reqs =>
|
||||||
|
reqs.Contains(NotificationOperations.Read)))
|
||||||
|
.Returns(authorizedNotification ? AuthorizationResult.Success() : AuthorizationResult.Failed());
|
||||||
|
sutProvider.GetDependency<IAuthorizationService>()
|
||||||
|
.AuthorizeAsync(Arg.Any<ClaimsPrincipal>(), notificationStatus ?? Arg.Any<NotificationStatus>(),
|
||||||
|
Arg.Is<IEnumerable<IAuthorizationRequirement>>(reqs =>
|
||||||
|
reqs.Contains(NotificationStatusOperations.Create)))
|
||||||
|
.Returns(authorizedCreate ? AuthorizationResult.Success() : AuthorizationResult.Failed());
|
||||||
|
sutProvider.GetDependency<IAuthorizationService>()
|
||||||
|
.AuthorizeAsync(Arg.Any<ClaimsPrincipal>(), notificationStatus ?? Arg.Any<NotificationStatus>(),
|
||||||
|
Arg.Is<IEnumerable<IAuthorizationRequirement>>(reqs =>
|
||||||
|
reqs.Contains(NotificationStatusOperations.Update)))
|
||||||
|
.Returns(authorizedUpdate ? AuthorizationResult.Success() : AuthorizationResult.Failed());
|
||||||
|
|
||||||
|
sutProvider.GetDependency<INotificationStatusRepository>().ClearReceivedCalls();
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task MarkReadAsync_NotLoggedIn_NotFoundException(
|
||||||
|
SutProvider<MarkNotificationReadCommand> sutProvider,
|
||||||
|
Guid notificationId, Notification notification, NotificationStatus notificationStatus)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notificationId, userId: null, notification, notificationStatus, true, true, true);
|
||||||
|
|
||||||
|
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.MarkReadAsync(notificationId));
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task MarkReadAsync_NotificationNotFound_NotFoundException(
|
||||||
|
SutProvider<MarkNotificationReadCommand> sutProvider,
|
||||||
|
Guid notificationId, Guid userId, NotificationStatus notificationStatus)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notificationId, userId, notification: null, notificationStatus, true, true, true);
|
||||||
|
|
||||||
|
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.MarkReadAsync(notificationId));
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task MarkReadAsync_ReadRequirementNotificationNotAuthorized_NotFoundException(
|
||||||
|
SutProvider<MarkNotificationReadCommand> sutProvider,
|
||||||
|
Guid notificationId, Guid userId, Notification notification, NotificationStatus notificationStatus)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notificationId, userId, notification, notificationStatus, authorizedNotification: false,
|
||||||
|
true, true);
|
||||||
|
|
||||||
|
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.MarkReadAsync(notificationId));
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task MarkReadAsync_CreateRequirementNotAuthorized_NotFoundException(
|
||||||
|
SutProvider<MarkNotificationReadCommand> sutProvider,
|
||||||
|
Guid notificationId, Guid userId, Notification notification)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notificationId, userId, notification, notificationStatus: null, true,
|
||||||
|
authorizedCreate: false, true);
|
||||||
|
|
||||||
|
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.MarkReadAsync(notificationId));
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task MarkReadAsync_UpdateRequirementNotAuthorized_NotFoundException(
|
||||||
|
SutProvider<MarkNotificationReadCommand> sutProvider,
|
||||||
|
Guid notificationId, Guid userId, Notification notification, NotificationStatus notificationStatus)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notificationId, userId, notification, notificationStatus, true, true,
|
||||||
|
authorizedUpdate: false);
|
||||||
|
|
||||||
|
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.MarkReadAsync(notificationId));
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task MarkReadAsync_NotificationStatusNotFoundCreateAuthorized_NotificationStatusCreated(
|
||||||
|
SutProvider<MarkNotificationReadCommand> sutProvider,
|
||||||
|
Guid notificationId, Guid userId, Notification notification)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notificationId, userId, notification, notificationStatus: null, true, true, true);
|
||||||
|
|
||||||
|
await sutProvider.Sut.MarkReadAsync(notificationId);
|
||||||
|
|
||||||
|
await sutProvider.GetDependency<INotificationStatusRepository>().Received(1)
|
||||||
|
.CreateAsync(Arg.Is<NotificationStatus>(ns =>
|
||||||
|
ns.NotificationId == notificationId && ns.UserId == userId && !ns.DeletedDate.HasValue &&
|
||||||
|
ns.ReadDate.HasValue && DateTime.UtcNow - ns.ReadDate.Value < TimeSpan.FromMinutes(1)));
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task MarkReadAsync_NotificationStatusFoundCreateAuthorized_NotificationStatusUpdated(
|
||||||
|
SutProvider<MarkNotificationReadCommand> sutProvider,
|
||||||
|
Guid notificationId, Guid userId, Notification notification, NotificationStatus notificationStatus)
|
||||||
|
{
|
||||||
|
var readDate = notificationStatus.ReadDate;
|
||||||
|
|
||||||
|
Setup(sutProvider, notificationId, userId, notification, notificationStatus, true, true, true);
|
||||||
|
|
||||||
|
await sutProvider.Sut.MarkReadAsync(notificationId);
|
||||||
|
|
||||||
|
await sutProvider.GetDependency<INotificationStatusRepository>().Received(1)
|
||||||
|
.UpdateAsync(Arg.Is<NotificationStatus>(ns =>
|
||||||
|
ns.Equals(notificationStatus) &&
|
||||||
|
ns.NotificationId == notificationStatus.NotificationId && ns.UserId == notificationStatus.UserId &&
|
||||||
|
ns.DeletedDate == notificationStatus.DeletedDate && ns.ReadDate != readDate &&
|
||||||
|
ns.ReadDate.HasValue &&
|
||||||
|
DateTime.UtcNow - ns.ReadDate.Value < TimeSpan.FromMinutes(1)));
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,95 @@
|
|||||||
|
#nullable enable
|
||||||
|
using System.Security.Claims;
|
||||||
|
using Bit.Core.Enums;
|
||||||
|
using Bit.Core.Exceptions;
|
||||||
|
using Bit.Core.NotificationCenter.Authorization;
|
||||||
|
using Bit.Core.NotificationCenter.Commands;
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
using Bit.Core.NotificationCenter.Enums;
|
||||||
|
using Bit.Core.NotificationCenter.Repositories;
|
||||||
|
using Bit.Core.Test.NotificationCenter.AutoFixture;
|
||||||
|
using Bit.Core.Utilities;
|
||||||
|
using Bit.Test.Common.AutoFixture;
|
||||||
|
using Bit.Test.Common.AutoFixture.Attributes;
|
||||||
|
using Microsoft.AspNetCore.Authorization;
|
||||||
|
using NSubstitute;
|
||||||
|
using Xunit;
|
||||||
|
|
||||||
|
namespace Bit.Core.Test.NotificationCenter.Commands;
|
||||||
|
|
||||||
|
[SutProviderCustomize]
|
||||||
|
[NotificationCustomize]
|
||||||
|
public class UpdateNotificationCommandTest
|
||||||
|
{
|
||||||
|
private static void Setup(SutProvider<UpdateNotificationCommand> sutProvider,
|
||||||
|
Guid notificationId, Notification? notification, bool authorized = false)
|
||||||
|
{
|
||||||
|
sutProvider.GetDependency<INotificationRepository>()
|
||||||
|
.GetByIdAsync(notificationId)
|
||||||
|
.Returns(notification);
|
||||||
|
sutProvider.GetDependency<IAuthorizationService>()
|
||||||
|
.AuthorizeAsync(Arg.Any<ClaimsPrincipal>(), notification ?? Arg.Any<Notification>(),
|
||||||
|
Arg.Is<IEnumerable<IAuthorizationRequirement>>(reqs =>
|
||||||
|
reqs.Contains(NotificationOperations.Update)))
|
||||||
|
.Returns(authorized ? AuthorizationResult.Success() : AuthorizationResult.Failed());
|
||||||
|
|
||||||
|
sutProvider.GetDependency<INotificationRepository>().ClearReceivedCalls();
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task UpdateAsync_NotificationNotFound_NotFoundException(
|
||||||
|
SutProvider<UpdateNotificationCommand> sutProvider,
|
||||||
|
Notification notification)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notification.Id, notification: null, true);
|
||||||
|
|
||||||
|
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.UpdateAsync(notification));
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task UpdateAsync_AuthorizationFailed_NotFoundException(
|
||||||
|
SutProvider<UpdateNotificationCommand> sutProvider,
|
||||||
|
Notification notification)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notification.Id, notification, authorized: false);
|
||||||
|
|
||||||
|
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.UpdateAsync(notification));
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task UpdateAsync_Authorized_NotificationCreated(
|
||||||
|
SutProvider<UpdateNotificationCommand> sutProvider,
|
||||||
|
Notification notification)
|
||||||
|
{
|
||||||
|
notification.Priority = Priority.Medium;
|
||||||
|
notification.ClientType = ClientType.Web;
|
||||||
|
notification.Title = "Title";
|
||||||
|
notification.Body = "Body";
|
||||||
|
notification.RevisionDate = DateTime.UtcNow.AddMinutes(-60);
|
||||||
|
|
||||||
|
Setup(sutProvider, notification.Id, notification, true);
|
||||||
|
|
||||||
|
var notificationToUpdate = CoreHelpers.CloneObject(notification);
|
||||||
|
notificationToUpdate.Priority = Priority.High;
|
||||||
|
notificationToUpdate.ClientType = ClientType.Mobile;
|
||||||
|
notificationToUpdate.Title = "Updated Title";
|
||||||
|
notificationToUpdate.Body = "Updated Body";
|
||||||
|
notificationToUpdate.RevisionDate = DateTime.UtcNow.AddMinutes(-30);
|
||||||
|
|
||||||
|
await sutProvider.Sut.UpdateAsync(notificationToUpdate);
|
||||||
|
|
||||||
|
await sutProvider.GetDependency<INotificationRepository>().Received(1)
|
||||||
|
.ReplaceAsync(Arg.Is<Notification>(n =>
|
||||||
|
// Not updated fields
|
||||||
|
n.Id == notificationToUpdate.Id && n.Global == notificationToUpdate.Global &&
|
||||||
|
n.UserId == notificationToUpdate.UserId && n.OrganizationId == notificationToUpdate.OrganizationId &&
|
||||||
|
n.CreationDate == notificationToUpdate.CreationDate &&
|
||||||
|
// Updated fields
|
||||||
|
n.Priority == notificationToUpdate.Priority && n.ClientType == notificationToUpdate.ClientType &&
|
||||||
|
n.Title == notificationToUpdate.Title && n.Body == notificationToUpdate.Body &&
|
||||||
|
DateTime.UtcNow - n.RevisionDate < TimeSpan.FromMinutes(1)));
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,85 @@
|
|||||||
|
#nullable enable
|
||||||
|
using Bit.Core.Context;
|
||||||
|
using Bit.Core.Exceptions;
|
||||||
|
using Bit.Core.NotificationCenter.Queries;
|
||||||
|
using Bit.Core.NotificationCenter.Repositories;
|
||||||
|
using Bit.Core.Test.NotificationCenter.AutoFixture;
|
||||||
|
using Bit.Test.Common.AutoFixture;
|
||||||
|
using Bit.Test.Common.AutoFixture.Attributes;
|
||||||
|
|
||||||
|
namespace Bit.Core.Test.NotificationCenter.Queries;
|
||||||
|
|
||||||
|
using System.Security.Claims;
|
||||||
|
using Bit.Core.NotificationCenter.Authorization;
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
using Microsoft.AspNetCore.Authorization;
|
||||||
|
using NSubstitute;
|
||||||
|
using Xunit;
|
||||||
|
|
||||||
|
[SutProviderCustomize]
|
||||||
|
[NotificationStatusCustomize]
|
||||||
|
public class GetNotificationStatusForUserQueryTest
|
||||||
|
{
|
||||||
|
private static void Setup(SutProvider<GetNotificationStatusForUserQuery> sutProvider,
|
||||||
|
Guid notificationId, NotificationStatus? notificationStatus, Guid? userId, bool authorized = false)
|
||||||
|
{
|
||||||
|
sutProvider.GetDependency<ICurrentContext>().UserId.Returns(userId);
|
||||||
|
sutProvider.GetDependency<INotificationStatusRepository>()
|
||||||
|
.GetByNotificationIdAndUserIdAsync(notificationId, userId.GetValueOrDefault(Guid.NewGuid()))
|
||||||
|
.Returns(notificationStatus);
|
||||||
|
sutProvider.GetDependency<IAuthorizationService>()
|
||||||
|
.AuthorizeAsync(Arg.Any<ClaimsPrincipal>(), notificationStatus ?? Arg.Any<NotificationStatus>(),
|
||||||
|
Arg.Is<IEnumerable<IAuthorizationRequirement>>(reqs =>
|
||||||
|
reqs.Contains(NotificationStatusOperations.Read)))
|
||||||
|
.Returns(authorized ? AuthorizationResult.Success() : AuthorizationResult.Failed());
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task GetByUserIdStatusFilterAsync_UserNotLoggedIn_NotFoundException(
|
||||||
|
SutProvider<GetNotificationStatusForUserQuery> sutProvider,
|
||||||
|
Guid notificationId, NotificationStatus notificationStatus)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notificationId, notificationStatus, userId: null, true);
|
||||||
|
|
||||||
|
await Assert.ThrowsAsync<NotFoundException>(() =>
|
||||||
|
sutProvider.Sut.GetByNotificationIdAndUserIdAsync(notificationId));
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task GetByUserIdStatusFilterAsync_NotificationStatusNotFound_NotFoundException(
|
||||||
|
SutProvider<GetNotificationStatusForUserQuery> sutProvider,
|
||||||
|
Guid notificationId)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notificationId, notificationStatus: null, Guid.NewGuid(), true);
|
||||||
|
|
||||||
|
await Assert.ThrowsAsync<NotFoundException>(() =>
|
||||||
|
sutProvider.Sut.GetByNotificationIdAndUserIdAsync(notificationId));
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task GetByUserIdStatusFilterAsync_AuthorizationFailed_NotFoundException(
|
||||||
|
SutProvider<GetNotificationStatusForUserQuery> sutProvider,
|
||||||
|
Guid notificationId, NotificationStatus notificationStatus)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notificationId, notificationStatus, Guid.NewGuid(), authorized: false);
|
||||||
|
|
||||||
|
await Assert.ThrowsAsync<NotFoundException>(() =>
|
||||||
|
sutProvider.Sut.GetByNotificationIdAndUserIdAsync(notificationId));
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task GetByUserIdStatusFilterAsync_NotificationFoundAuthorized_Returned(
|
||||||
|
SutProvider<GetNotificationStatusForUserQuery> sutProvider,
|
||||||
|
Guid notificationId, NotificationStatus notificationStatus)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notificationId, notificationStatus, Guid.NewGuid(), true);
|
||||||
|
|
||||||
|
var actualNotificationStatus = await sutProvider.Sut.GetByNotificationIdAndUserIdAsync(notificationId);
|
||||||
|
|
||||||
|
Assert.Equal(notificationStatus, actualNotificationStatus);
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,55 @@
|
|||||||
|
#nullable enable
|
||||||
|
using Bit.Core.Context;
|
||||||
|
using Bit.Core.Enums;
|
||||||
|
using Bit.Core.Exceptions;
|
||||||
|
using Bit.Core.NotificationCenter.Models.Filter;
|
||||||
|
using Bit.Core.NotificationCenter.Queries;
|
||||||
|
using Bit.Core.NotificationCenter.Repositories;
|
||||||
|
using Bit.Core.Test.NotificationCenter.AutoFixture;
|
||||||
|
using Bit.Test.Common.AutoFixture;
|
||||||
|
using Bit.Test.Common.AutoFixture.Attributes;
|
||||||
|
|
||||||
|
namespace Bit.Core.Test.NotificationCenter.Queries;
|
||||||
|
|
||||||
|
using Bit.Core.NotificationCenter.Entities;
|
||||||
|
using NSubstitute;
|
||||||
|
using Xunit;
|
||||||
|
|
||||||
|
[SutProviderCustomize]
|
||||||
|
[NotificationCustomize]
|
||||||
|
public class GetNotificationsForUserQueryTest
|
||||||
|
{
|
||||||
|
private static void Setup(SutProvider<GetNotificationsForUserQuery> sutProvider,
|
||||||
|
List<Notification> notifications, NotificationStatusFilter statusFilter, Guid? userId)
|
||||||
|
{
|
||||||
|
sutProvider.GetDependency<ICurrentContext>().UserId.Returns(userId);
|
||||||
|
sutProvider.GetDependency<INotificationRepository>().GetByUserIdAndStatusAsync(
|
||||||
|
userId.GetValueOrDefault(Guid.NewGuid()), Arg.Any<ClientType>(), statusFilter)
|
||||||
|
.Returns(notifications);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task GetByUserIdStatusFilterAsync_NotLoggedIn_NotFoundException(
|
||||||
|
SutProvider<GetNotificationsForUserQuery> sutProvider,
|
||||||
|
List<Notification> notifications, NotificationStatusFilter notificationStatusFilter)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notifications, notificationStatusFilter, userId: null);
|
||||||
|
|
||||||
|
await Assert.ThrowsAsync<NotFoundException>(() =>
|
||||||
|
sutProvider.Sut.GetByUserIdStatusFilterAsync(notificationStatusFilter));
|
||||||
|
}
|
||||||
|
|
||||||
|
[Theory]
|
||||||
|
[BitAutoData]
|
||||||
|
public async Task GetByUserIdStatusFilterAsync_NotificationsFound_Returned(
|
||||||
|
SutProvider<GetNotificationsForUserQuery> sutProvider,
|
||||||
|
List<Notification> notifications, NotificationStatusFilter notificationStatusFilter)
|
||||||
|
{
|
||||||
|
Setup(sutProvider, notifications, notificationStatusFilter, Guid.NewGuid());
|
||||||
|
|
||||||
|
var actualNotifications = await sutProvider.Sut.GetByUserIdStatusFilterAsync(notificationStatusFilter);
|
||||||
|
|
||||||
|
Assert.Equal(notifications, actualNotifications);
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user