我想测试控制器上的属性是否正常运行。这些属性将允许和拒绝访问API方法中的资源。对于有效的请求,它会直接通过管道传递无效请求,它会停止管道并在到达方法之前抛出异常。
我正在使用nUnit测试进行这些测试。
所以我可以测试控制器,但是我需要测试该属性是否为每个控制器完成了它的工作。
答案 0 :(得分:1)
使用OWIN独立服务器设置集成测试的最佳选择 http://www.strathweb.com/2013/12/owin-memory-integration-testing/
然后,您可以在代码中模拟数据库/数据依赖性,并仅测试处理
答案 1 :(得分:1)
如果您使用默认的System.Web.Http.AuthorizeAttribute,那么您实际上不需要对其进行测试,因为它already has been tested by Microsoft guys。 如果您实现自定义AuthorizeAttribute,那么您只需要测试您的授权逻辑(基本上在调用具有不同测试方案的OnAuthorization方法后测试该actioncontext包含预期结果)。然后,您可以查看默认的AuthorizeAttribute测试以了解如何执行此操作(使用Moq library和xUnit framework):
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Security.Principal;
using System.Web.Http.Controllers;
using Moq;
public class CustomAuthorizeAttributeTest
{
private readonly Mock<HttpActionDescriptor> _actionDescriptorMock = new Mock<HttpActionDescriptor>() { CallBase = true };
private readonly Collection<AllowAnonymousAttribute> _allowAnonymousAttributeCollection = new Collection<AllowAnonymousAttribute>(new AllowAnonymousAttribute[] { new AllowAnonymousAttribute() });
private readonly MockableAuthorizeAttribute _attribute;
private readonly Mock<MockableAuthorizeAttribute> _attributeMock = new Mock<MockableAuthorizeAttribute>() { CallBase = true };
private readonly Mock<HttpControllerDescriptor> _controllerDescriptorMock = new Mock<HttpControllerDescriptor>() { CallBase = true };
private readonly HttpControllerContext _controllerContext;
private readonly HttpActionContext _actionContext;
private readonly Mock<IPrincipal> _principalMock = new Mock<IPrincipal>();
private readonly HttpRequestMessage _request = new HttpRequestMessage();
public AuthorizeAttributeTest()
{
_attribute = _attributeMock.Object;
_controllerContext = new Mock<HttpControllerContext>() { CallBase = true }.Object;
_controllerDescriptorMock.Setup(cd => cd.GetCustomAttributes<AllowAnonymousAttribute>()).Returns(new Collection<AllowAnonymousAttribute>(Enumerable.Empty<AllowAnonymousAttribute>().ToList()));
_actionDescriptorMock.Setup(ad => ad.GetCustomAttributes<AllowAnonymousAttribute>()).Returns(new Collection<AllowAnonymousAttribute>(Enumerable.Empty<AllowAnonymousAttribute>().ToList()));
_controllerContext.ControllerDescriptor = _controllerDescriptorMock.Object;
_controllerContext.Request = _request;
_actionContext = ContextUtil.CreateActionContext(_controllerContext, _actionDescriptorMock.Object);
_controllerContext.RequestContext.Principal = _principalMock.Object;
}
[Fact]
public void OnAuthorization_IfUserIsNotInUsersCollection()
{
_attribute.Users = "John";
_principalMock.Setup(p => p.Identity.IsAuthenticated).Returns(true).Verifiable();
_principalMock.Setup(p => p.Identity.Name).Returns("Mary").Verifiable();
_attribute.OnAuthorization(_actionContext);
AssertUnauthorizedRequestSet(_actionContext);
_principalMock.Verify();
}
private static void AssertUnauthorizedRequestSet(HttpActionContext actionContext)
{
Assert.NotNull(actionContext.Response);
Assert.Equal(HttpStatusCode.Unauthorized, actionContext.Response.StatusCode);
Assert.Same(actionContext.ControllerContext.Request, actionContext.Response.RequestMessage);
}
}
答案 2 :(得分:0)
我不确定这是否对你有帮助。请尝试POSTMAN工具。 参考postman