annotate Agendas/trunk/src/Agendas.Web.Tests/AutorizationsTests.cs @ 240:01a9b47185eb
Tests de Twitter, daban en rojo por mensaje fijo (01/10/2011).
author | juanjose.montesdeocaarbos |
---|---|
date | Wed, 05 Oct 2011 07:41:30 -0300 |
parents | b9850b647a4e |
children | 52fe43e36f5f |
rev | line source |
---|---|
179 | 1 using System; |
2 using System.Collections.Generic; | |
3 using System.Linq; | |
4 using System.Reflection; | |
5 using System.Web.Mvc; | |
6 using AltNetHispano.Agendas.Domain; | |
7 using AltNetHispano.Agendas.Web.Controllers; | |
8 using NUnit.Framework; | |
9 | |
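namespace Agendas.Web.Tests
{
    /// <summary>
    /// Authorization regression tests for the web project's controllers.
    /// Every collected action must either appear in the explicit public list or
    /// carry a <see cref="CustomAuthorizeAttribute"/>; role-restricted actions must
    /// match the per-role lists exactly, so an action added without an
    /// authorization decision makes the suite fail.
    /// </summary>
    [TestFixture]
    public class Autorizaciones
    {
        // Action methods collected once per fixture by ReadMethods.
        private IEnumerable<MethodInfo> _methods;

        /// <summary>
        /// Collects the action methods of every controller type found in the
        /// assembly that declares <see cref="HomeController"/>.
        /// </summary>
        [TestFixtureSetUp]
        public void ReadMethods()
        {
            var controllers = typeof (HomeController).Assembly.GetTypes()
                .Where(t => typeof (Controller).IsAssignableFrom(t));

            var methods = new List<MethodInfo>();
            foreach (var controller in controllers)
            {
                // DeclaredOnly keeps members inherited from Controller out of the scan.
                // Do not spell this as "| ~BindingFlags.FlattenHierarchy": the complement
                // turns on every other flag (NonPublic and Static included), so the
                // Public | Instance restriction would silently stop applying.
                //
                // NOTE(review): only methods returning an ActionResult are collected.
                // ASP.NET MVC can also dispatch to public instance methods with other
                // return types; such a method would not be checked by these tests.
                // Confirm none exist, or widen this filter.
                var actions = controller
                    .GetMethods(BindingFlags.Public | BindingFlags.Instance | BindingFlags.DeclaredOnly)
                    .Where(m => typeof (ActionResult).IsAssignableFrom(m.ReturnType));

                methods.AddRange(actions);
            }

            _methods = methods;
        }

        /// <summary>
        /// The listed actions must be anonymous (no CustomAuthorize attribute) and
        /// every other collected action must carry the attribute.
        /// </summary>
        [Test]
        public void Acciones_publicas()
        {
            var acciones = new HashSet<string>
                            {
                                "HomeController.Index", "HomeController.About", "EventoController.Index", "AccountController.LogOn",
                                "AccountController.LogOff", "AccountController.TwitterLogOn", "HistoricoController.Index",
                                "PersonaController.Index", "ErrorController.NoAutorizado"
                            };

            bool fail = false;
            foreach (var method in _methods)
            {
                var action = ActionName(method);
                var secured = HasAuthorize(method);

                if (acciones.Contains(action))
                {
                    if (secured)
                    {
                        fail = true;
                        Console.WriteLine(action + " debe ser público");
                    }
                }
                else if (!secured)
                {
                    // Deny by default: anything not explicitly listed as public must be protected.
                    fail = true;
                    Console.WriteLine(action + " debe ser seguro");
                }
            }

            // Every offending action is written to the console before the single assert,
            // so one run reports the complete list.
            Assert.IsFalse(fail);
        }

        /// <summary>
        /// The listed profile actions, and only those, must require the user role.
        /// </summary>
        [Test]
        public void Acciones_privadas()
        {
            var acciones = new[]
                            {
                                "PerfilController.Index", "PerfilController.AddGoogleAccount", "PerfilController.AddTwitterAccount",
                                "PerfilController.Remove", "PerfilController.Modificar"
                            };

            VerficarAccionesSeguras(acciones, Roles.Usuario, "debe ser privado");
        }

        /// <summary>
        /// The listed management actions, and only those, must require the administrator role.
        /// </summary>
        [Test]
        public void Acciones_del_administrador()
        {
            var acciones = new[]
                            {
                                "EventoController.Agendar", "EventoController.Confirmar", "EventoController.Nuevo",
                                "EventoController.Publicar", "EventoController.Modificar", "EventoController.Proponer",
                                "EventoController.Cancelar", "EventoController.Descartar", "EventoController.ReAgendar",
                                "EventoController.ReProponer", "PersonaController.Nueva", "PersonaController.Modificar",
                                "PersonaController.Quitar", "PersonaApiController.Nueva"
                            };

            VerficarAccionesSeguras(acciones, Roles.Administrador, "debe ser de uso exclusivo de los administradores");
        }

        /// <summary>
        /// Checks in both directions that <paramref name="rol"/> is required by exactly
        /// the actions named in <paramref name="acciones"/>.
        /// </summary>
        /// <param name="acciones">Expected actions, written as "ControllerType.Method".</param>
        /// <param name="rol">Role value expected among the authorization attribute's named arguments.</param>
        /// <param name="mensaje">Text appended to the action name when reporting a mismatch.</param>
        private void VerficarAccionesSeguras(IEnumerable<string> acciones, string rol, string mensaje)
        {
            // Materialized once: the sequence is probed for every collected method.
            var esperadas = new HashSet<string>(acciones);

            bool fail = false;
            foreach (var method in _methods)
            {
                var action = ActionName(method);
                var listed = esperadas.Contains(action);

                if (!HasAuthorize(method))
                {
                    if (listed)
                    {
                        fail = true;
                        Console.WriteLine(action + " debe ser seguro");
                    }
                    continue;
                }

                var grantsRole = HasRole(method, rol);
                if (listed && !grantsRole)
                {
                    // Protected, but not restricted to the expected role.
                    fail = true;
                    Console.WriteLine(action + " " + mensaje);
                }
                else if (!listed && grantsRole)
                {
                    // Restricted to the role without being declared in the expected list.
                    fail = true;
                    Console.WriteLine(action + " no " + mensaje);
                }
            }

            Assert.IsFalse(fail);
        }

        // Builds the "ControllerType.Method" key used by the expectation lists.
        private static string ActionName(MethodInfo method)
        {
            return method.DeclaringType.Name + "." + method.Name;
        }

        // True when the method itself (inherited attributes are not searched) carries CustomAuthorizeAttribute.
        private static bool HasAuthorize(MethodInfo method)
        {
            return method.GetCustomAttributes(typeof (CustomAuthorizeAttribute), false).Any();
        }

        // True when a CustomAuthorizeAttribute on the method has a named argument equal to rol.
        // Only attribute data whose constructor belongs to CustomAuthorizeAttribute (or a subclass)
        // is inspected, so an unrelated attribute carrying the same string cannot satisfy the check.
        // The comparison is exact: positional arguments and combined role strings are not recognised.
        private static bool HasRole(MethodInfo method, string rol)
        {
            return method.GetCustomAttributesData()
                .Where(d => typeof (CustomAuthorizeAttribute).IsAssignableFrom(d.Constructor.DeclaringType))
                .Any(d => d.NamedArguments.Any(a => rol.Equals(a.TypedValue.Value)));
        }
    }
}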