如何从AuthorizationFilterAttribute重构HttpContext进行测试?

时间:2016-03-15 18:02:54

标签: c# asp.net-web-api2

我遇到了这段代码,因为它引用了HttpContext而无法测试它。如何删除对HttpContext的依赖以使其可测试?

public class AuthorizeByUserStatus :AuthorizationFilterAttribute
{
    private readonly UserStatusEnum status;

    public AuthorizeByUserStatus(UserStatusEnum status)
    {
        this.status = status;
    }

    public override async Task OnAuthorizationAsync(HttpActionContext actionContext, CancellationToken cancellationToken)
    {
        var authorize = false;
        var user = HttpContext.Current.User;
        var userIdentity = user.GetIdentity();

        if (userIdentity.UserStatus >= status)
        {
            authorize = true;
        }

        if (authorize)
        {
            base.OnAuthorization(actionContext);
        }
        else
        {
            throw new HttpResponseException(HttpStatusCode.Unauthorized);
        }
    }
}

1 个答案:

答案 0 :(得分:0)

替换静态HttpContext方法并引用传入的actionContext,其中包含我们需要的信息!

var userIdentity = actionContext.RequestContext.Principal.GetIdentity();

现在,您可以使用正确设置的请求详细信息传递actionContext,以获取请求用户身份。

相关问题
最新问题