Geeks With Blogs

News Please visit me at my new blog!!

profile for Aligned at Stack Overflow, Q&A for professional and enthusiast programmers
"free in Christ Jesus from the law of sin and death." Romans 8:2 (ESV) Check out the Falling Plates video on YouTube.
more about the Gospel
And then listen to Francis Chan speaking at LifeLight in SD.



Programming and Learning from SD

I wanted to Unit Test (in BDD I’d call it a specification) that the controller had the authorize attribute so I found this approach in a GoodSearch a while back and forgotten who to give credit for it, but I thought I’d post it, so I won’t have to search for it next time. I put this in a base class and it’s been very useful.

EDIT: March 21st, 2013 I added a way to also verify the correct roles are in the attribute. This is especially nice, sine the attribute takes strings.

[Authorize(Roles = "Super Admin, User Admin")]
public void MyController2{}

[Authorize]
public void MyController{}
/// <summary> It should require authorization for Controller or ApiController.</summary>
/// <param name="controller"> The controller.</param>
/// <returns>The Authorize Attribute from the controller .</returns>
protected AuthorizeAttribute It_Should_Require_Authorization(object controller)
{
    var type = controller.GetType();
    var attributes = type.GetCustomAttributes(typeof(AuthorizeAttribute), true);
    Assert.IsTrue(attributes.Any(), "No AuthorizeAttribute found");
    return attributes.Any() ? attributes[0] as AuthorizeAttribute : null;
}

/// <summary> It should require authorization for Controller or ApiController.</summary>
/// <param name="controller"> The controller.</param>
/// <param name="roles">      The roles.</param>
protected void It_Should_Require_Authorization(object controller, string[] roles)
{
    var authorizeAttribute = this.It_Should_Require_Authorization(controller);
    if (!roles.Any())
    {
        return;
    }

    if (authorizeAttribute == null)
    {
        return;
    }

    bool all = authorizeAttribute.Roles.Split(',').All(r => roles.Contains(r.Trim()));
    Assert.IsTrue(all);
}
And to call it: 
[TestMethod]
[TestCategory("MyController")]
public void It_Should_Require_Authorization()
{
  // where this.Controller is the controller you are testing  
  this.It_Should_Require_Authorization(this.Controller);
}
[TestMethod]
[TestCategory("MyController2")]
public void It_Should_Require_Authorization()
{
    var roles = new[] { “Super Admin”, “User Admin” };
    this.It_Should_Require_Authorization(this.Controller, roles);
}
Posted on Friday, March 15, 2013 1:27 PM MVC , Unit Testing | Back to top


Comments on this post: Specification Test for the Authorized Attribute in MVC

No comments posted yet.
Your comment:
 (will show your gravatar)


Copyright © Aligned | Powered by: GeeksWithBlogs.net