using System.Security.Claims;
using JobTrackerApi.Data;
using JobTrackerApi.Models;
using JobTrackerApi.Services;
using JobTrackerApi.Tests.TestSupport;
using Microsoft.EntityFrameworkCore;
using Xunit;
namespace JobTrackerApi.Tests;
/// <summary>
/// Tests for how <c>LocalAuthIdentity.GetRequiredUserId</c> reads the user id from a
/// <see cref="ClaimsPrincipal"/>, and for what the owner-scoped sets return when the
/// test database is created with a <c>null</c> argument.
/// </summary>
public sealed class LocalAuthIdentityTests
{
    /// <summary>
    /// Builds a principal whose single identity uses the "local" authentication type
    /// and carries exactly one claim.
    /// </summary>
    private static ClaimsPrincipal BuildLocalPrincipal(string claimType, string claimValue)
    {
        Claim[] claims = { new Claim(claimType, claimValue) };
        var identity = new ClaimsIdentity(claims, authenticationType: "local");
        return new ClaimsPrincipal(identity);
    }

    /// <summary>
    /// A principal that has only an e-mail claim must not produce a user id.
    /// </summary>
    [Fact]
    public void GetRequiredUserId_returns_null_when_subject_claim_is_missing()
    {
        // The identity is authenticated ("local") but carries no NameIdentifier claim.
        var withoutSubject = BuildLocalPrincipal(ClaimTypes.Email, "ghost@example.com");

        var resolvedId = LocalAuthIdentity.GetRequiredUserId(withoutSubject);

        // NOTE(review): despite the "Required" name, the contract pinned here is a null
        // result rather than an exception, so callers presumably have to treat null as
        // "no user" - confirm at the call sites.
        Assert.Null(resolvedId);
    }

    /// <summary>
    /// The value of the NameIdentifier claim is returned unchanged as the user id.
    /// </summary>
    [Fact]
    public void GetRequiredUserId_returns_nameidentifier_when_present()
    {
        var withSubject = BuildLocalPrincipal(ClaimTypes.NameIdentifier, "user-123");

        var resolvedId = LocalAuthIdentity.GetRequiredUserId(withSubject);

        Assert.Equal("user-123", resolvedId);
    }

    /// <summary>
    /// Rows owned by "user-1" must not be visible through the owner-scoped sets when the
    /// database was created without a current user.
    /// </summary>
    [Fact]
    public async Task Owner_scoped_query_filters_fail_closed_when_current_user_is_missing()
    {
        // Presumably the null argument stands for "no current user" - verify against
        // TestHostFactory.CreateInMemoryDb.
        await using var db = TestHostFactory.CreateInMemoryDb(null);

        // Seed one row per owner-scoped set, all owned by the same user.
        var company = new Company { Name = "Secret Co", OwnerUserId = "user-1" };
        db.Companies.Add(company);

        var application = new JobApplication { JobTitle = "Secret Job", Status = "Applied", OwnerUserId = "user-1" };
        db.JobApplications.Add(application);

        var ruleSettings = new UserRuleSettings { OwnerUserId = "user-1", AppliedFollowUpDays = 5 };
        db.UserRuleSettings.Add(ruleSettings);

        await db.SaveChangesAsync();

        // NOTE(review): these assertions also pass if the seed rows were never stored;
        // an additional check that the rows exist through an unfiltered read would
        // show that the owner filter is what hides them.
        var visibleCompanies = await db.Companies.ToListAsync();
        Assert.Empty(visibleCompanies);

        var visibleApplications = await db.JobApplications.ToListAsync();
        Assert.Empty(visibleApplications);

        var visibleRuleSettings = await db.UserRuleSettings.ToListAsync();
        Assert.Empty(visibleRuleSettings);
    }
}