Merge pull request #64 from StuartFerguson/task/#58_securemerchantcontroller

StuartFerguson · web-flow · commit 2ebd8cee0642 · 2019-12-21T11:41:51.000Z
Finish security with tests
diff --git a/EstateManagement.IntegrationTests/Shared/SharedSteps.cs b/EstateManagement.IntegrationTests/Shared/SharedSteps.cs
@@ -107,6 +107,14 @@ public async Task WhenICreateTheFollowingMerchants(Table table)
         {
             foreach (TableRow tableRow in table.Rows)
             {
+                // lookup the estate id based on the name in the table
+                EstateDetails estateDetails = this.TestingContext.GetEstateDetails(tableRow);
+                String token = this.TestingContext.AccessToken;
+                if (String.IsNullOrEmpty(estateDetails.AccessToken) == false)
+                {
+                    token = estateDetails.AccessToken;
+                }
+
                 String merchantName = SpecflowTableHelper.GetStringRowValue(tableRow, "MerchantName");
                 CreateMerchantRequest createMerchantRequest = new CreateMerchantRequest
                                                               {
@@ -124,12 +132,9 @@ public async Task WhenICreateTheFollowingMerchants(Table table)
                                                                                 Country = SpecflowTableHelper.GetStringRowValue(tableRow, "Country")
                                                                             }
                                                               };
-
-                // lookup the estate id based on the name in the table
-                EstateDetails estateDetails = this.TestingContext.GetEstateDetails(tableRow);
-
+                
                 CreateMerchantResponse response = await this.TestingContext.DockerHelper.EstateClient
-                                                            .CreateMerchant(String.Empty, estateDetails.EstateId, createMerchantRequest, CancellationToken.None).ConfigureAwait(false);
+                                                            .CreateMerchant(token, estateDetails.EstateId, createMerchantRequest, CancellationToken.None).ConfigureAwait(false);
 
                 response.ShouldNotBeNull();
                 response.EstateId.ShouldBe(estateDetails.EstateId);
@@ -149,7 +154,13 @@ public async Task WhenICreateTheFollowingMerchants(Table table)
 
                 Guid merchantId = estateDetails.GetMerchantId(merchantName);
 
-                MerchantResponse merchant = await this.TestingContext.DockerHelper.EstateClient.GetMerchant(String.Empty, estateDetails.EstateId, merchantId, CancellationToken.None).ConfigureAwait(false);
+                String token = this.TestingContext.AccessToken;
+                if (String.IsNullOrEmpty(estateDetails.AccessToken) == false)
+                {
+                    token = estateDetails.AccessToken;
+                }
+
+                MerchantResponse merchant = await this.TestingContext.DockerHelper.EstateClient.GetMerchant(token, estateDetails.EstateId, merchantId, CancellationToken.None).ConfigureAwait(false);
 
                 merchant.MerchantName.ShouldBe(merchantName);
             }
@@ -162,6 +173,12 @@ public async Task WhenIAssignTheFollowingOperatorToTheMerchants(Table table)
             {
                 EstateDetails estateDetails = this.TestingContext.GetEstateDetails(tableRow);
 
+                String token = this.TestingContext.AccessToken;
+                if (String.IsNullOrEmpty(estateDetails.AccessToken) == false)
+                {
+                    token = estateDetails.AccessToken;
+                }
+
                 // Lookup the merchant id
                 String merchantName = SpecflowTableHelper.GetStringRowValue(tableRow, "MerchantName");
                 Guid merchantId = estateDetails.GetMerchantId(merchantName);
@@ -177,7 +194,7 @@ public async Task WhenIAssignTheFollowingOperatorToTheMerchants(Table table)
                                                                   TerminalNumber = SpecflowTableHelper.GetStringRowValue(tableRow, "TerminalNumber"),
                                                               };
 
-                AssignOperatorResponse assignOperatorResponse = await this.TestingContext.DockerHelper.EstateClient.AssignOperatorToMerchant(String.Empty, estateDetails.EstateId, merchantId, assignOperatorRequest, CancellationToken.None).ConfigureAwait(false);
+                AssignOperatorResponse assignOperatorResponse = await this.TestingContext.DockerHelper.EstateClient.AssignOperatorToMerchant(token, estateDetails.EstateId, merchantId, assignOperatorRequest, CancellationToken.None).ConfigureAwait(false);
                 
                 assignOperatorResponse.EstateId.ShouldBe(estateDetails.EstateId);
                 assignOperatorResponse.MerchantId.ShouldBe(merchantId);
@@ -195,7 +212,7 @@ public async Task WhenICreateTheFollowingSecurityUsers(Table table)
             {
                 // lookup the estate id based on the name in the table
                 EstateDetails estateDetails = this.TestingContext.GetEstateDetails(tableRow);
-
+                
                 if (tableRow.ContainsKey("EstateName") && tableRow.ContainsKey("MerchantName") == false)
                 {
                     // Creating an Estate User
@@ -221,7 +238,11 @@ public async Task WhenICreateTheFollowingSecurityUsers(Table table)
                 else if (tableRow.ContainsKey("MerchantName"))
                 {
                     // Creating a merchant user
-
+                    String token = this.TestingContext.AccessToken;
+                    if (String.IsNullOrEmpty(estateDetails.AccessToken) == false)
+                    {
+                        token = estateDetails.AccessToken;
+                    }
                     // lookup the merchant id based on the name in the table
                     String merchantName = SpecflowTableHelper.GetStringRowValue(tableRow, "MerchantName");
                     Guid merchantId = estateDetails.GetMerchantId(merchantName);
@@ -236,7 +257,7 @@ public async Task WhenICreateTheFollowingSecurityUsers(Table table)
                                                                       };
 
                     CreateMerchantUserResponse createMerchantUserResponse = 
-                        await this.TestingContext.DockerHelper.EstateClient.CreateMerchantUser(String.Empty, estateDetails.EstateId, merchantId, createMerchantUserRequest, CancellationToken.None);
+                        await this.TestingContext.DockerHelper.EstateClient.CreateMerchantUser(token, estateDetails.EstateId, merchantId, createMerchantUserRequest, CancellationToken.None);
 
                     createMerchantUserResponse.EstateId.ShouldBe(estateDetails.EstateId);
                     createMerchantUserResponse.MerchantId.ShouldBe(merchantId);
diff --git a/EstateManagement/Controllers/EstateController.cs b/EstateManagement/Controllers/EstateController.cs
@@ -27,6 +27,7 @@
     [Route(EstateController.ControllerRoute)]
     [ApiController]
     [ApiVersion("1.0")]
+    [Authorize]
     public class EstateController : ControllerBase
     {
         #region Fields
diff --git a/EstateManagement/Controllers/MerchantController.cs b/EstateManagement/Controllers/MerchantController.cs
@@ -22,6 +22,7 @@
     using CreateMerchantUserRequestDTO = DataTransferObjects.Requests.CreateMerchantUserRequest;
     using EstateManagement.Common;
     using System.Security.Claims;
+    using Microsoft.AspNetCore.Authorization;
 
     /// <summary>
     /// 
@@ -31,6 +32,7 @@
     [Route(MerchantController.ControllerRoute)]
     [ApiController]
     [ApiVersion("1.0")]
+    [Authorize]
     public class MerchantController : ControllerBase
     {
         #region Fields

Original file line number	Diff line number	Diff line change
`@@ -27,6 +27,7 @@`
`27`	`27`	`[Route(EstateController.ControllerRoute)]`
`28`	`28`	`[ApiController]`
`29`	`29`	`[ApiVersion("1.0")]`
	`30`	`+ [Authorize]`
`30`	`31`	`public class EstateController : ControllerBase`
`31`	`32`	`{`
`32`	`33`	`#region Fields`