using BuildingBlock.Identity.Contracts.Requests;
using BuildingBlock.Identity.Contracts.Responses;
using BuildingBlock.Identity.Contracts.Conventions;
using Thalos.Service.Application.Ports;
using Thalos.Service.Application.UseCases;
using Thalos.Domain.Contracts;
using Thalos.Domain.Decisions;

namespace Thalos.Service.Application.UnitTests;

/// <summary>
/// Unit tests for <see cref="EvaluateIdentityPolicyUseCase"/>, run against the
/// in-memory fakes declared at the bottom of this class.
/// </summary>
/// <remarks>
/// Coverage is limited to the allow outcome: the fake read port always passes
/// <c>true</c> into the context data, so no test here observes a denied decision.
/// The tenant id ("tenant-1") is forwarded into the context request by the fake
/// decision service, but no assertion in this class checks it.
/// </remarks>
public class EvaluateIdentityPolicyUseCaseTests
{
    /// <summary>
    /// Runs the use case once and checks that subject id and permission code come
    /// back unchanged and that the decision is "allowed".
    /// </summary>
    [Fact]
    public async Task HandleAsync_WhenCalled_UsesIdentityContractsAndReturnsMappedResponse()
    {
        // Arrange
        var sut = new EvaluateIdentityPolicyUseCase(
            new FakeIdentityPolicyDecisionService(),
            new FakeIdentityPolicyContextReadPort());
        var policyRequest = new EvaluateIdentityPolicyRequest("subject-1", "tenant-1", "perm.read");

        // Act
        var result = await sut.HandleAsync(policyRequest);

        // Assert
        Assert.Equal("subject-1", result.SubjectId);
        Assert.Equal("perm.read", result.PermissionCode);
        // NOTE(review): only the positive decision is pinned. A companion test in which
        // the read port reports an unsatisfied context would guard against the use case
        // failing open; it is not added here because how ContextSatisfied is derived
        // is not visible in this file.
        Assert.True(result.IsAllowed);
    }

    /// <summary>
    /// Decision-service fake: copies request fields into the context request and
    /// turns the context's <c>ContextSatisfied</c> flag directly into the decision.
    /// </summary>
    private sealed class FakeIdentityPolicyDecisionService : IIdentityPolicyDecisionService
    {
        /// <summary>Builds the context request from the incoming request's four fields.</summary>
        public IdentityPolicyContextRequest BuildPolicyContextRequest(EvaluateIdentityPolicyRequest request) =>
            new IdentityPolicyContextRequest(
                request.SubjectId,
                request.TenantId,
                request.PermissionCode,
                request.Provider);

        /// <summary>
        /// Returns a response whose third argument is <c>policyContextData.ContextSatisfied</c>;
        /// the test reads it back as <c>IsAllowed</c>.
        /// </summary>
        public EvaluateIdentityPolicyResponse Evaluate(
            EvaluateIdentityPolicyRequest request,
            IdentityPolicyContextData policyContextData) =>
            new EvaluateIdentityPolicyResponse(
                request.SubjectId,
                request.PermissionCode,
                policyContextData.ContextSatisfied);
    }

    /// <summary>
    /// Read-port fake: answers every request with context data built from that
    /// request; <c>request.TenantId</c> is not read.
    /// </summary>
    private sealed class FakeIdentityPolicyContextReadPort : IIdentityPolicyContextReadPort
    {
        // NOTE(review): the return type reads as non-generic Task in this listing although
        // the body produces a Task.FromResult over IdentityPolicyContextData; the port
        // presumably declares Task<IdentityPolicyContextData>. Confirm against
        // IIdentityPolicyContextReadPort before relying on this signature.
        public Task ReadPolicyContextAsync(IdentityPolicyContextRequest request) =>
            Task.FromResult(new IdentityPolicyContextData(
                request.SubjectId,
                request.PermissionCode,
                IdentityAuthProvider.InternalJwt,
                true, // presumably the flag surfaced as ContextSatisfied; confirm
                [request.PermissionCode]));
    }
}