using System.Security.Claims; using Bit.Core.Context; using Bit.Core.Exceptions; using Bit.Core.Vault.Authorization.SecurityTasks; using Bit.Core.Vault.Entities; using Bit.Core.Vault.Enums; using Bit.Core.Vault.Queries; using Bit.Core.Vault.Repositories; using Bit.Test.Common.AutoFixture; using Bit.Test.Common.AutoFixture.Attributes; using Microsoft.AspNetCore.Authorization; using NSubstitute; using Xunit; namespace Bit.Core.Test.Vault.Queries; [SutProviderCustomize] public class GetTasksForOrganizationQueryTests { [Theory, BitAutoData] public async Task GetTasksAsync_Success( Guid userId, CurrentContextOrganization org, SutProvider sutProvider) { var status = SecurityTaskStatus.Pending; sutProvider.GetDependency().HttpContext.User.Returns(new ClaimsPrincipal()); sutProvider.GetDependency().UserId.Returns(userId); sutProvider.GetDependency().GetOrganization(org.Id).Returns(org); sutProvider.GetDependency().AuthorizeAsync( Arg.Any(), org, Arg.Is>( e => e.Contains(SecurityTaskOperations.ListAllForOrganization) ) ).Returns(AuthorizationResult.Success()); sutProvider.GetDependency().GetManyByOrganizationIdStatusAsync(org.Id, status).Returns(new List() { new() { Id = Guid.NewGuid() }, new() { Id = Guid.NewGuid() }, }); var result = await sutProvider.Sut.GetTasksAsync(org.Id, status); Assert.Equal(2, result.Count); sutProvider.GetDependency().Received(1).AuthorizeAsync( Arg.Any(), org, Arg.Is>( e => e.Contains(SecurityTaskOperations.ListAllForOrganization) ) ); sutProvider.GetDependency().Received(1).GetManyByOrganizationIdStatusAsync(org.Id, SecurityTaskStatus.Pending); } [Theory, BitAutoData] public async Task GetTaskAsync_MissingOrg_Failure(Guid userId, SutProvider sutProvider) { sutProvider.GetDependency().UserId.Returns(userId); sutProvider.GetDependency().GetOrganization(Arg.Any()).Returns((CurrentContextOrganization)null); await Assert.ThrowsAsync(() => sutProvider.Sut.GetTasksAsync(Guid.NewGuid())); } [Theory, BitAutoData] public async Task GetTaskAsync_MissingUser_Failure(CurrentContextOrganization org, SutProvider sutProvider) { sutProvider.GetDependency().UserId.Returns(null as Guid?); sutProvider.GetDependency().GetOrganization(org.Id).Returns(org); await Assert.ThrowsAsync(() => sutProvider.Sut.GetTasksAsync(org.Id)); } [Theory, BitAutoData] public async Task GetTasksAsync_Unauthorized_Failure( Guid userId, CurrentContextOrganization org, SutProvider sutProvider) { sutProvider.GetDependency().HttpContext.User.Returns(new ClaimsPrincipal()); sutProvider.GetDependency().UserId.Returns(userId); sutProvider.GetDependency().GetOrganization(org.Id).Returns(org); sutProvider.GetDependency().AuthorizeAsync( Arg.Any(), org, Arg.Is>( e => e.Contains(SecurityTaskOperations.ListAllForOrganization) ) ).Returns(AuthorizationResult.Failed()); await Assert.ThrowsAsync(() => sutProvider.Sut.GetTasksAsync(org.Id)); sutProvider.GetDependency().Received(1).AuthorizeAsync( Arg.Any(), org, Arg.Is>( e => e.Contains(SecurityTaskOperations.ListAllForOrganization) ) ); sutProvider.GetDependency().Received(0).GetManyByOrganizationIdStatusAsync(org.Id, SecurityTaskStatus.Pending); } }