37 lines
1.2 KiB
C#
37 lines
1.2 KiB
C#
using BuildingBlock.Identity.Contracts.Requests;
|
|
using Thalos.Domain.Contracts;
|
|
using Thalos.Domain.Decisions;
|
|
|
|
namespace Thalos.Domain.UnitTests;
|
|
|
|
public class IdentityPolicyDecisionServiceTests
|
|
{
|
|
[Fact]
|
|
public void Evaluate_WhenPermissionMatchedAndContextSatisfied_ReturnsAllowed()
|
|
{
|
|
var service = new IdentityPolicyDecisionService();
|
|
var request = new EvaluateIdentityPolicyRequest("user-1", "tenant-1", "identity.token.issue");
|
|
var context = new IdentityPolicyContextData(
|
|
request.SubjectId,
|
|
request.PermissionCode,
|
|
true,
|
|
["identity.token.issue", "identity.policy.evaluate"]);
|
|
|
|
var response = service.Evaluate(request, context);
|
|
|
|
Assert.True(response.IsAllowed);
|
|
}
|
|
|
|
[Fact]
|
|
public void Evaluate_WhenPermissionMissing_ReturnsDenied()
|
|
{
|
|
var service = new IdentityPolicyDecisionService();
|
|
var request = new EvaluateIdentityPolicyRequest("user-1", "tenant-1", "identity.token.issue");
|
|
var context = new IdentityPolicyContextData(request.SubjectId, request.PermissionCode, true, ["identity.read"]);
|
|
|
|
var response = service.Evaluate(request, context);
|
|
|
|
Assert.False(response.IsAllowed);
|
|
}
|
|
}
|