Merge pull request #674 from cabinetoffice/feature/DP-627-create-supp…
…ort-admin-role Feature/dp 627 create support admin role
Showing
16 changed files
with
127 additions
and
33 deletions.
@@ -21,7 +21,7 @@ public class AuthorizationTests | |
private static Guid personId = new Guid("5b0d3aa8-94cd-4ede-ba03-546937035690"); | ||
private static Guid personInviteGuid = new Guid("330fb1d4-26e2-4c69-898f-6197f9321361"); | ||
|
||
public HttpClient BuildHttpClient(List<string> userScopes) | ||
public HttpClient BuildHttpClient(List<string> userOrganisationScopes, List<string> userScopes) | ||
{ | ||
var services = new ServiceCollection(); | ||
|
||
|
@@ -32,11 +32,11 @@ public HttpClient BuildHttpClient(List<string> userScopes) | |
Tenant.WebApiClient.PartyRole.Supplier, | ||
Tenant.WebApiClient.PartyRole.Tenderer | ||
], | ||
userScopes, | ||
userOrganisationScopes, | ||
new Uri("http://foo") | ||
); | ||
|
||
var person = new Person.WebApiClient.Person("[email protected]", "First name", personId, "Last name"); | ||
var person = new Person.WebApiClient.Person("[email protected]", "First name", personId, "Last name", userScopes); | ||
|
||
tenantClient.Setup(client => client.LookupTenantAsync()) | ||
.ReturnsAsync( | ||
|
@@ -83,8 +83,12 @@ [ organisation ] | |
) | ||
); | ||
|
||
personClient.Setup(client => client.LookupPersonAsync(It.IsAny<string>())).ReturnsAsync(person); | ||
|
||
services.AddTransient<IOrganisationClient, OrganisationClient>(sc => organisationClient.Object); | ||
|
||
services.AddTransient<IPersonClient, PersonClient>(sc => personClient.Object); | ||
|
||
_mockSession.Setup(s => s.Get<Models.UserDetails>(Session.UserDetailsKey)) | ||
.Returns(new Models.UserDetails() { Email = "[email protected]", UserUrn = "urn", PersonId = person.Id }); | ||
|
||
|
@@ -113,11 +117,31 @@ public static IEnumerable<object[]> TestCases() | |
yield return new object[] { $"/organisation/{testOrganisationId}/users/{personInviteGuid}/change-role?handler=personInvite", new string[] { "Person invite Last name", "Can add, remove and edit users" } }; | ||
} | ||
|
||
[Theory] | ||
[MemberData(nameof(TestCases))] | ||
public async Task TestAuthorizationIsSuccessful_WhenUserIsAllowedToAccessResourceAsSupportAdminUser(string url, string[] expectedTexts) | ||
{ | ||
var _httpClient = BuildHttpClient([], [PersonScopes.SupportAdmin]); | ||
|
||
var request = new HttpRequestMessage(HttpMethod.Get, url); | ||
|
||
var response = await _httpClient.SendAsync(request); | ||
|
||
var responseBody = await response.Content.ReadAsStringAsync(); | ||
|
||
responseBody.Should().NotBeNull(); | ||
response.StatusCode.Should().Be(HttpStatusCode.OK); | ||
foreach (string expectedText in expectedTexts) | ||
{ | ||
responseBody.Should().Contain(expectedText); | ||
} | ||
} | ||
|
||
[Theory] | ||
[MemberData(nameof(TestCases))] | ||
public async Task TestAuthorizationIsSuccessful_WhenUserIsAllowedToAccessResourceAsAdminUser(string url, string[] expectedTexts) | ||
{ | ||
var _httpClient = BuildHttpClient([OrganisationPersonScopes.Admin]); | ||
var _httpClient = BuildHttpClient([OrganisationPersonScopes.Admin], []); | ||
|
||
var request = new HttpRequestMessage(HttpMethod.Get, url); | ||
|
||
|
@@ -137,7 +161,7 @@ public async Task TestAuthorizationIsSuccessful_WhenUserIsAllowedToAccessResourc | |
[MemberData(nameof(TestCases))] | ||
public async Task TestAuthorizationIsUnsuccessful_WhenUserIsNotAllowedToAccessResourceAsEditorUser(string url, string[] _) | ||
{ | ||
var _httpClient = BuildHttpClient([OrganisationPersonScopes.Editor]); | ||
var _httpClient = BuildHttpClient([OrganisationPersonScopes.Editor], []); | ||
|
||
var request = new HttpRequestMessage(HttpMethod.Get, url); | ||
|
||
|
@@ -154,7 +178,7 @@ public async Task TestAuthorizationIsUnsuccessful_WhenUserIsNotAllowedToAccessRe | |
[MemberData(nameof(TestCases))] | ||
public async Task TestAuthorizationIsUnsuccessful_WhenUserIsNotAllowedToAccessResourceAsUserWithoutPermissions(string url, string[] _) | ||
{ | ||
var _httpClient = BuildHttpClient([]); | ||
var _httpClient = BuildHttpClient([], []); | ||
|
||
var request = new HttpRequestMessage(HttpMethod.Get, url); | ||
|
||
|
@@ -170,7 +194,7 @@ public async Task TestAuthorizationIsUnsuccessful_WhenUserIsNotAllowedToAccessRe | |
[Fact] | ||
public async Task TestCanSeeUsersLinkOnOrganisationPage_WhenUserIsAllowedToAccessResourceAsAdminUser() | ||
{ | ||
var _httpClient = BuildHttpClient([ OrganisationPersonScopes.Admin, OrganisationPersonScopes.Viewer ]); | ||
var _httpClient = BuildHttpClient([ OrganisationPersonScopes.Admin, OrganisationPersonScopes.Viewer ], []); | ||
|
||
var request = new HttpRequestMessage(HttpMethod.Get, $"/organisation/{testOrganisationId}"); | ||
|
||
|
@@ -187,7 +211,7 @@ public async Task TestCanSeeUsersLinkOnOrganisationPage_WhenUserIsAllowedToAcces | |
[Fact] | ||
public async Task TestCannotSeeUsersLinkOnOrganisationPage_WhenUserIsNotAllowedToAccessResourceAsEditorUser() | ||
{ | ||
var _httpClient = BuildHttpClient([ OrganisationPersonScopes.Editor ]); | ||
var _httpClient = BuildHttpClient([ OrganisationPersonScopes.Editor ], []); | ||
|
||
var request = new HttpRequestMessage(HttpMethod.Get, $"/organisation/{testOrganisationId}"); | ||
|
||
|
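Review bot: The new positive test `TestAuthorizationIsSuccessful_WhenUserIsAllowedToAccessResourceAsSupportAdminUser` only proves that `[PersonScopes.SupportAdmin]` in the person-scope list is accepted; none of the negative tests check that the same string is rejected when it arrives via the organisation-scope list, or that an unrelated person scope is still denied, so a handler that merged or mis-routed the two collections would pass this suite unchanged. I would add a theory over `TestCases` for `BuildHttpClient([PersonScopes.SupportAdmin], [])` and another for `BuildHttpClient([], ["SOMEOTHERSCOPE"])`, asserting the same non-OK outcome the Editor test expects (that assertion is outside the hunk, so I cannot quote it). Worth a comment on the new test too: it passes an empty organisation-scope list yet reaches `/organisation/{testOrganisationId}/users/...`, so if I read it right this scope grants user-management access on organisations the person is not a member of — say so explicitly. `BuildHttpClient`'s body runs past the hunk edges, so how the two lists feed the authorization handler is not visible here.
```csharp
[Theory]
[MemberData(nameof(TestCases))]
public async Task TestAuthorizationIsUnsuccessful_WhenSupportAdminScopeIsSuppliedAsOrganisationScope(string url, string[] _)
{
    // SupportAdmin is a person-level scope; it must not be honoured when it
    // appears in the organisation-scope collection.
    var _httpClient = BuildHttpClient([PersonScopes.SupportAdmin], []);

    var response = await _httpClient.SendAsync(new HttpRequestMessage(HttpMethod.Get, url));

    response.StatusCode.Should().NotBe(HttpStatusCode.OK); // align with the Editor test's expected status
}
```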
@@ -229,7 +229,7 @@ public async Task OnGet_UnknownActionParameter_ShouldReturnToIndex() | |
private readonly AuthenticateResult authResultFail = AuthenticateResult.Fail(new Exception("Auth failed")); | ||
|
||
private readonly Person.WebApiClient.Person dummyPerson | ||
= new("[email protected]", "firstdummy", new Guid("0bacf3d1-3b69-4efa-80e9-3623f4b7786e"), "lastdummy"); | ||
= new("[email protected]", "firstdummy", new Guid("0bacf3d1-3b69-4efa-80e9-3623f4b7786e"), "lastdummy", new List<string>()); | ||
|
||
private OneLogin GivenOneLoginCallbackModel() | ||
{ | ||
|
@@ -289,7 +289,7 @@ public async Task OnPost_UnprocessableEntity_AddsModelError() | |
} | ||
|
||
private readonly Person.WebApiClient.Person dummyPerson | ||
= new("[email protected]", "firstdummy", Guid.NewGuid(), "lastdummy"); | ||
= new("[email protected]", "firstdummy", Guid.NewGuid(), "lastdummy", new List<string>()); | ||
|
||
private YourDetailsModel GivenYourDetailsModel() | ||
{ | ||
|
@@ -0,0 +1,11 @@ | ||
namespace CO.CDP.OrganisationApp.Constants; | ||
|
||
public class PersonScopes | ||
{ | ||
public const string SupportAdmin = "SUPPORTADMIN"; | ||
} | ||
|
||
public class PersonScopeRequirement | ||
{ | ||
public const string SupportAdmin = "PersonScope_" + PersonScopes.SupportAdmin; | ||
} |
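Review bot: `PersonScopes` and `PersonScopeRequirement` are declared as plain `public class` although they hold only `const` members; mark them `public static class PersonScopes` and `public static class PersonScopeRequirement` so they cannot be instantiated or subclassed. The file also carries no documentation distinguishing these from the organisation-level scopes used elsewhere in this PR, nor explaining that `PersonScopeRequirement.SupportAdmin` is a `PersonScope_`-prefixed requirement/policy key rather than a scope value — two strings that are easy to confuse in an authorization check. I would add `/// <summary>Scope values stored on a Person record, independent of any organisation; distinct from OrganisationPersonScopes.</summary>` on `PersonScopes`, and a summary on `PersonScopeRequirement` stating it derives the requirement name from the scope value. The authorization test in this PR suggests SupportAdmin reaches organisation user-management pages with no organisation scope at all; if that is the intent, state that blast radius in the same comment.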
@@ -1,7 +1,7 @@ | ||
public interface IUserInfoService | ||
{ | ||
public Task<ICollection<String>> GetUserScopes(); | ||
public Guid? GetOrganisationId(); | ||
public Task<ICollection<String>> GetOrganisationUserScopes(); | ||
|
||
public Task<bool> UserHasScope(string scope); | ||
} |
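Review bot: With scopes now split into a person-level collection (`GetUserScopes`) and an organisation-level one (`GetOrganisationUserScopes`), `UserHasScope(string scope)` no longer says which collection it searches, and a caller passing `PersonScopes.SupportAdmin` to a method that only consults organisation scopes (or the reverse) would silently get the wrong answer. Each member needs an XML doc stating where its scopes come from, and `UserHasScope` should say which set is searched and whether the match is case-sensitive, e.g. `/// Returns true when <paramref name="scope"/> is present in the organisation scopes for <see cref="GetOrganisationId"/>; person-level scopes are not consulted.` (or the reverse, whichever the implementation does). The `public` modifier on interface members is redundant in C# and can be dropped. Which of the three scope-accessor lines is added versus retained is not recoverable from the rendered page.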
4 changes: 3 additions & 1 deletion
Frontend/CO.CDP.OrganisationApp/Pages/Support/Organisations.cshtml.cs
@@ -25,25 +25,28 @@ public async Task ItReturnsNullIfNoPersonIsFound() | |
public async Task ItReturnsTheFoundPerson() | ||
{ | ||
var persontId = Guid.NewGuid(); | ||
var scopes = new List<string>(); | ||
var tenant = new OrganisationInformation.Persistence.Person | ||
{ | ||
Id = 42, | ||
Guid = persontId, | ||
Email = "[email protected]", | ||
FirstName = "fn", | ||
LastName = "ln", | ||
Scopes = scopes | ||
}; | ||
|
||
_repository.Setup(r => r.Find(persontId)).ReturnsAsync(tenant); | ||
|
||
var found = await UseCase.Execute(persontId); | ||
|
||
found.Should().Be(new Model.Person | ||
found.Should().BeEquivalentTo(new Model.Person | ||
{ | ||
Id = persontId, | ||
FirstName = "fn", | ||
LastName = "ln", | ||
Email = "[email protected]", | ||
Scopes = scopes | ||
}); | ||
} | ||
} |
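Review bot: `Scopes = scopes` on both sides of the assertion uses the same empty `List<string>`, so `BeEquivalentTo` passes even if the use case never maps scopes and the model defaults to an empty collection — the test does not prove the scopes are copied. Seed a non-empty list, `var scopes = new List<string> { "SUPPORTADMIN" };`, so a dropped mapping fails the equivalence check; since this collection now feeds authorization, a silent drop is the regression most worth pinning. The move from `Be` to `BeEquivalentTo` is reasonable for a type holding a `List`, but it relaxes the comparison to structural equality, so a one-line reason would help: `// BeEquivalentTo: Scopes is a List, so equality would otherwise compare references`.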
@@ -24,14 +24,16 @@ public async Task Execute_IfNoPersonIsFound_ReturnsNull() | |
public async Task Execute_IfPersonIsFound_ReturnsPerson() | ||
{ | ||
var personId = Guid.NewGuid(); | ||
var scopes = new List<string>(); | ||
var persistencePerson = new OrganisationInformation.Persistence.Person | ||
{ | ||
Id = 1, | ||
Guid = personId, | ||
FirstName = "fn", | ||
LastName = "ln", | ||
Email = "[email protected]", | ||
UserUrn = "urn:fdc:gov.uk:2022:7wTqYGMFQxgukTSpSI2GodMwe9" | ||
UserUrn = "urn:fdc:gov.uk:2022:7wTqYGMFQxgukTSpSI2GodMwe9", | ||
Scopes = scopes | ||
}; | ||
|
||
_repository.Setup(r => r.FindByUrn(persistencePerson.UserUrn)).ReturnsAsync(persistencePerson); | ||
|
@@ -44,6 +46,7 @@ public async Task Execute_IfPersonIsFound_ReturnsPerson() | |
Email = "[email protected]", | ||
FirstName = "fn", | ||
LastName = "ln", | ||
Scopes = scopes | ||
}, options => options.ComparingByMembers<Model.Person>()); | ||
} | ||
} |
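Review bot: As in the GetPerson test, `Scopes = scopes` is the same empty `List<string>` on both the persistence object and the expected model, so the equivalence assertion cannot detect a use case that drops scopes and leaves an empty default. Use a non-empty list, `var scopes = new List<string> { "SUPPORTADMIN" };`, so the mapping is actually exercised. The second hunk (`@@ -44,6 +46,7`) starts inside the expected-model initializer, so the `Execute` call and the start of the assertion are outside the hunk.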