Skip to content

Commit

Permalink
Add Tests for User/Admin access to Deliveries with filter
Browse files Browse the repository at this point in the history
  • Loading branch information
@Philippluca
Philippluca committed Nov 30, 2023
1 parent 2087dda commit 599dbc4
Show file tree
Hide file tree
Showing 2 changed files with 97 additions and 1 deletion.
2 changes: 1 addition & 1 deletion src/GeoCop.Api/Controllers/DeliveryController.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -145,7 +145,7 @@ public async Task<IActionResult> Get([FromQuery] int? mandateId = null)
.ToList();

if (mandateId.HasValue && !userMandatesIds.Contains(mandateId.Value))
return NotFound($"Mandate with id ${mandateId} was not found");
return NotFound();

var result = context.DeliveriesWithIncludes
.Where(d => userMandatesIds.Contains(d.DeliveryMandate.Id));
Expand Down
96 changes: 96 additions & 0 deletions tests/GeoCop.Api.Test/Controllers/DeliveryControllerTest.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -219,4 +219,100 @@ public async Task DownloadFailsAssetNotFound()
Assert.IsNotNull(result);
Assert.AreEqual(StatusCodes.Status404NotFound, result.StatusCode);
}

[TestMethod]
public async Task GetAsAdminReturnsList()
{
var admin = context.Users.First(u => u.IsAdmin);
deliveryController.SetupTestUser(admin);

var response = (await deliveryController.Get()) as ObjectResult;
var list = response?.Value as List<Delivery>;

Assert.IsNotNull(list);
Assert.AreEqual(context.Deliveries.Count(), list.Count);
}

[TestMethod]
public async Task GetAsUserReturnsListFilteredByOrganisations()
{
var user = context.Users.First(u => !u.IsAdmin);
deliveryController.SetupTestUser(user);

var response = (await deliveryController.Get()) as ObjectResult;
var list = response?.Value as List<Delivery>;

var accessibleDeliveries = context.Users
.Include(u => u.Organisations)
.ThenInclude(o => o.Mandates)
.ThenInclude(m => m.Deliveries)
.First(u => u.Id == user.Id)
.Organisations
.SelectMany(o => o.Mandates)
.SelectMany(m => m.Deliveries)
.ToList();

Assert.IsNotNull(list);
Assert.IsTrue(accessibleDeliveries.Any());
Assert.AreEqual(accessibleDeliveries.Count, list.Count);
CollectionAssert.AllItemsAreUnique(list);
}

[TestMethod]
public async Task GetAsAdminReturnsListFilteredByMandateId()
{
var admin = context.Users.First(u => u.IsAdmin);
admin.Organisations.Clear();
context.SaveChanges();
deliveryController.SetupTestUser(admin);
var mandateId = context.DeliveryMandates
.Where(m => m.Deliveries.Any())
.First()
.Id;

var response = (await deliveryController.Get(mandateId)) as ObjectResult;
var list = response?.Value as List<Delivery>;

Assert.IsNotNull(list);
Assert.AreEqual(context.Deliveries.Where(d => d.DeliveryMandate.Id == mandateId).Count(), list.Count);
}

[TestMethod]
public async Task GetAsUserReturnsNotFoundForUnauthorizedMandate()
{
var user = context.Users.First(u => !u.IsAdmin);
deliveryController.SetupTestUser(user);
var mandateId = context.DeliveryMandates
.Where(m => !m.Organisations.SelectMany(o => o.Users).Any(u => u.Id == user.Id))
.First()
.Id;

var response = await deliveryController.Get(mandateId);

Assert.IsInstanceOfType(response, typeof(NotFoundResult));
}

[TestMethod]
public async Task GetAsUserReturnsListFilteredByOrganisationsAndMandateId()
{
var user = context.Users.First(u => !u.IsAdmin);
deliveryController.SetupTestUser(user);
var mandateId = context.DeliveryMandates
.Where(m => m.Organisations.SelectMany(o => o.Users).Any(u => u.Id == user.Id) && m.Deliveries.Any())
.First()
.Id;

var response = (await deliveryController.Get(mandateId)) as ObjectResult;
var list = response?.Value as List<Delivery>;

var deliveris = context.DeliveryMandates
.Include(m => m.Deliveries)
.First(m => m.Id == mandateId)
.Deliveries;

Assert.IsNotNull(list);
Assert.IsTrue(deliveris.Any());
Assert.AreEqual(deliveris.Count, list.Count);
CollectionAssert.AllItemsAreUnique(list);
}
}

0 comments on commit 599dbc4

Please sign in to comment.