Pat*_*ote 9 c# unit-testing authorization asp.net-core asp.net-core-2.0
我在.NET 2.1的核心使用基于资源的授权模式所描述这里.我唯一的问题是我不知道如何AuthorizationHandler干净地测试我.
这里有人做过类似的事吗?
AuthorizationHandler 样本(来自上面的链接):
public class DocumentAuthorizationHandler :
AuthorizationHandler<SameAuthorRequirement, Document>
{
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context,
SameAuthorRequirement requirement,
Document resource)
{
if (context.User.Identity?.Name == resource.Author)
{
context.Succeed(requirement);
}
return Task.CompletedTask;
}
}
public class SameAuthorRequirement : IAuthorizationRequirement { }
Nko*_*osi 13
所有必需的依赖项都可用于隔离单元测试.
HandleRequirementAsync可通过以下方式访问所需的测试方法Task HandleAsync(AuthorizationHandlerContext context)
/// <summary>
/// Makes a decision if authorization is allowed.
/// </summary>
/// <param name="context">The authorization context.</param>
public virtual async Task HandleAsync(AuthorizationHandlerContext context)
{
if (context.Resource is TResource)
{
foreach (var req in context.Requirements.OfType<TRequirement>())
{
await HandleRequirementAsync(context, req, (TResource)context.Resource);
}
}
}
并且该成员仅依赖于AuthorizationHandlerContext具有如下构造函数的构件
public AuthorizationHandlerContext(
IEnumerable<IAuthorizationRequirement> requirements,
ClaimsPrincipal user,
object resource) {
//... omitted for brevity
}
简单的隔离单元测试,验证预期的行为DocumentAuthorizationHandler.
public async Task DocumentAuthorizationHandler_Should_Succeed() {
//Arrange
var requirements = new [] { new SameAuthorRequirement()};
var author = "author";
var user = new ClaimsPrincipal(
new ClaimsIdentity(
new Claim[] {
new Claim(ClaimsIdentity.DefaultNameClaimType, author),
},
"Basic")
);
var resource = new Document {
Author = author
};
var context = new AuthorizationHandlerContext(requirements, user, resource);
var subject = new DocumentAuthorizationHandler();
//Act
await subject.HandleAsync(context);
//Assert
context.HasSucceeded.Should().BeTrue(); //FluentAssertions
}
| 归档时间: |
|
| 查看次数: |
1590 次 |
| 最近记录: |