c# User.IsInRole 在单元测试中失败

【问题标题】:c# User.IsInRole fails on unit testc# User.IsInRole 在单元测试中失败
【发布时间】:2021-05-03 11:05:11
【问题描述】:

我有这个方法:

[HttpPut]
[AuthorizeClaim("field:write")]
[ApiConventionMethod(typeof(AttemptApiConventions), nameof(AttemptApiConventions.AttemptPut))]
public override async Task<ActionResult<Field>> UpdateAsync(Field model)
{
    var getAttempt = await Mediator.Send(new GenericGet<Field>(model.Id));
    if (getAttempt.Failure) return Ok(getAttempt);
    
    var field = getAttempt.Result;
    
    if (!field.IsSpecification && !User.IsInRole("Administrator"))
        return Ok(new ForbiddenError(string.Format(Resources.PermissionError, "this field")).ToAttempt<Field>());

    if (!field.IsSpecification && model.Name != field.Name)
        return Ok(new ValidationError(string.Format(Resources.CannotBeChanged, nameof(Field.Name))).ToAttempt<Field>());

    return await base.UpdateAsync(model);
}

如您所见,我检查 User.IsInRole 在尝试更改字段时是否显示不同的错误消息。 问题是,我有这个单元测试:

[Test]
public async Task ReturnBadRequestIfSpecificationFieldNameChanges()
{
    // Assemble
    var model = new Field {Id = 1, IsSpecification = false, Name = "Test"};
    var services = FieldsControllerContext.GivenServices();
    var controller = services.WhenCreateController("Administrator");

    services.Mediator.Send(Arg.Any<GenericGet<Field>>())
        .Returns(new Field {Id = 1, IsSpecification = false, Name = "Old"});

    // Act
    var actionResult = await controller.UpdateAsync(model);

    // Assert
    actionResult.ShouldBeBadRequest(string.Format(Sxp.Web.Properties.Resources.CannotBeChanged, nameof(Field.Name)));
}

看看services.WhenCreateController("Administrator");这一行。它正在传递我希望被模拟用户成为成员的角色。这是这样设置的:

public static class ControllerExtensions
{
    public static T WithUser<T>(this T controller, string roles = null) where T: ControllerBase
    {
        var id = Guid.NewGuid().ToString();
        var claims = new List<Claim>
        {
            new Claim(ClaimTypes.Name, "example name"),
            new Claim(ClaimTypes.NameIdentifier, id),
            new Claim(JwtClaimTypes.Subject, id),
        };

        if (!string.IsNullOrEmpty(roles))
        {
            var r = roles.Split(",");

            claims.AddRange(r.Select(role => new Claim(JwtClaimTypes.Role, role)));
        }

        var user = new ClaimsPrincipal(new ClaimsIdentity(claims, "mock"));

        controller.ControllerContext = new ControllerContext
        {
            HttpContext = new DefaultHttpContext
            {
                User = user
            }
        };

        return controller;
    }
}

当我调试我的测试时,我可以看到:

谁能告诉我为什么?

【问题讨论】:

  • 运行测试后Action Result有什么作用?

标签: c# user-roles


【解决方案1】:

我找到了答案。这条线是罪魁祸首:

claims.AddRange(r.Select(role => new Claim(JwtClaimTypes.Role, role)));

它检查的不是JwtClaimTypes,它实际上检查的是:

"http://schemas.microsoft.com/ws/2008/06/identity/claims/role"

【讨论】:

    猜你喜欢
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 2016-02-22
    • 2018-11-25
    • 1970-01-01
    • 1970-01-01
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode