Skip to content

Instantly share code, notes, and snippets.

@Lutando
Created March 20, 2017 19:48
Show Gist options
  • Save Lutando/944b9ac22edaa3dc561707100c834dc1 to your computer and use it in GitHub Desktop.
Save Lutando/944b9ac22edaa3dc561707100c834dc1 to your computer and use it in GitHub Desktop.
[Fact]
[Trait("Category", Category)]
public async void HandleDelete_WhenCalledWithNonResourceOwner_ShouldFail()
{
var resource = make_PostDefault();
var authorizationModel = PostAuthorizationModel.From(resource);
//we use an invalid user this time
var user = new ClaimsPrincipal(new ClaimsIdentity(new List<Claim> { new Claim("sub", InvalidUserIdDefault.ToString()) }));
var requirement = PostOperations.Delete;
var authorizationContext = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement }, user, authorizationModel);
var authorizationHandler = new PostAuthorizationHandler();
await authorizationHandler.HandleAsync(authorizationContext);
Assert.False(authorizationContext.HasSucceeded);
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment