Change structure, use persistent state in grain and add tests (#1)

* add grain state

* add package

* move types to namespaces

* delete old project

* change some structures and models

* add serialization atribute to SessionEnity

* add class for controller tests

* added implementation for sessiongrain

* add grain tests

* move create session model to separate method

* add tests for validate session method

* add pause session method test

* add pause session failture test

* check if state exists by RecordExists property

* added methods to sessiongrain

* replace conditions with patterns

* change pattern

* fixed sessiongrain

* refactor extensions and grain

* add close session test

* add grain tests

* add regions for tests for each method

* change option in test

* add tests for claims

* add update property test

* add more cases for remove property tests

* remove property return fail if property not exists

* add session helper

* added controller tests and class with routes

* add send request to autorized route test

* add autorize test

* add test for routes with roles

* add tests for authorized controller

* add tests for unauthorized route in role authorized controller

* add test for autorized controller

* add test with 2 roles

* add grain filter test

* test when user and grain are authorized but route is not

Co-authored-by: Vitaliy Basanets <vitaliy@managed-code.com>

Author: TRybina132

ManagedCode.Orleans.Identity.Tests/Cluster/Grains/Interfaces/IUserGrain.cs

@@ -0,0 +1,6 @@
+namespace ManagedCode.Orleans.Identity.Tests.Cluster.Grains.Interfaces;
+
+public interface IUserGrain : IGrainWithStringKey
+{
+    Task<string> GetUser();
+}

ManagedCode.Orleans.Identity.Tests/Cluster/Grains/UserGrain.cs

@@ -0,0 +1,13 @@
+using ManagedCode.Orleans.Identity.Tests.Cluster.Grains.Interfaces;
+using Microsoft.AspNetCore.Authorization;
+
+namespace ManagedCode.Orleans.Identity.Tests.Cluster.Grains;
+
+[Authorize]
+public class UserGrain : Grain, IUserGrain
+{
+    public Task<string> GetUser()
+    {
+        return Task.FromResult("user");
+    }
+}

ManagedCode.Orleans.Identity.Tests/Cluster/TestSiloConfigurations.cs

@@ -1,3 +1,6 @@
+using ManagedCode.Orleans.Identity.Options;
+using ManagedCode.Orleans.Identity.Shared.Constants;
+using Microsoft.Extensions.DependencyInjection;
 using Orleans.Serialization;
 using Orleans.TestingHost;
 
@@ -9,18 +12,17 @@ public void Configure(ISiloBuilder siloBuilder)
     {
         siloBuilder.Services.AddSerializer(serializerBuilder =>
         {
-            //serializerBuilder.AddJsonSerializer();
+            serializerBuilder.AddJsonSerializer();
         });
-        //siloBuilder.ConfigureApplicationParts(parts =>
-        //{
-        //    parts.AddFrameworkPart(typeof(IRequestTrackerGrain).Assembly);
-        //    parts.AddFrameworkPart(typeof(RequestTrackerGrain).Assembly);
-        //});
+
+        // For test purpose
+        siloBuilder.AddMemoryGrainStorage(OrleansIdentityConstants.SESSION_STORAGE_NAME);
 
         siloBuilder.ConfigureServices(services =>
         {
+            services.AddSingleton<SessionOption>(TestSiloOptions.SessionOption);
             // services.AddGrpcOrleansScaling();
-          //  services.AddApiOrleansScaling();
+            //  services.AddApiOrleansScaling();
         });
     }
 }

ManagedCode.Orleans.Identity.Tests/Cluster/TestSiloOptions.cs

@@ -0,0 +1,8 @@
+using ManagedCode.Orleans.Identity.Options;
+
+namespace ManagedCode.Orleans.Identity.Tests.Cluster;
+
+public static class TestSiloOptions
+{
+    public static  SessionOption SessionOption { get; } = new SessionOption();
+}

ManagedCode.Orleans.Identity.Tests/Constants/TestControllerRoutes.cs

@@ -0,0 +1,18 @@
+namespace ManagedCode.Orleans.Identity.Tests.Constants
+{
+    public static class TestControllerRoutes
+    {
+        public const string ANONYMOUS_ROUTE = "/anonymous";
+        public const string AUTHORIZE_ROUTE = "/authorize";
+        public const string ADMIN_ROUTE = "/admin";
+        public const string MODERATOR_ROUTE = "/moderator";
+        public const string COMMON_ROUTE = "/common";
+
+        public const string ADMIN_CONTROLLER_DEFAULT_ROUTE = "/adminController";
+        public const string ADMIN_CONTROLLER_ADMINS_LIST = "/adminController/adminsList";
+        public const string ADMIN_CONTROLLER_ADMIN_GET_ADMIN = "/adminController/getAdmin";
+
+        public const string USER_CONTROLLER_DEFAULT_ROUTE = "/userController";
+        public const string USER_CONTROLLER_ANONYMOUS_ROUTE = "/userController/anonymous";
+    }
+}

ManagedCode.Orleans.Identity.Tests/ControllerTests.cs

@@ -0,0 +1,244 @@
+using FluentAssertions;
+using ManagedCode.Orleans.Identity.Grains.Interfaces;
+using ManagedCode.Orleans.Identity.Models;
+using ManagedCode.Orleans.Identity.Shared.Constants;
+using ManagedCode.Orleans.Identity.Tests.Cluster;
+using ManagedCode.Orleans.Identity.Tests.Constants;
+using ManagedCode.Orleans.Identity.Tests.Helpers;
+using System.Net;
+using System.Security.Claims;
+using Xunit;
+using Xunit.Abstractions;
+
+namespace ManagedCode.Orleans.Identity.Tests;
+
+[Collection(nameof(TestClusterApplication))]
+public class ControllerTests
+{
+    private readonly TestClusterApplication _testApp;
+    private readonly ITestOutputHelper _outputHelper;
+
+    private Dictionary<string, string> claimsForAdminController = new Dictionary<string, string>()
+    {
+        { ClaimTypes.Role, "Moderator" },
+        { ClaimTypes.Email, "test2@gmail.com" }
+    };
+
+    public ControllerTests(TestClusterApplication testApp, ITestOutputHelper outputHelper)
+    {
+        _testApp = testApp;
+        _outputHelper = outputHelper;
+    }
+
+    private async Task CreateSession(string sessionId, Dictionary<string, string> claims = null, bool replaceClaims = false)
+    {
+        var createSessionModel = SessionHelper.GetTestCreateSessionModel(sessionId, claims, replaceClaims);
+        var sessionGrain = _testApp.Cluster.Client.GetGrain<ISessionGrain>(sessionId);
+        await sessionGrain.CreateAsync(createSessionModel);
+    }
+
+    #region Route tests
+
+    [Fact]
+    public async Task SendRequestToUnauthorizedRoute_ReturnOk()
+    {
+        // Arrange
+        var client = _testApp.CreateClient();
+
+        // Act
+        var response = await client.GetAsync(TestControllerRoutes.ANONYMOUS_ROUTE);
+
+        // Assert
+        response.IsSuccessStatusCode.Should().BeTrue();
+    }
+
+    [Fact]
+    public async Task SendRequestToAuthorizedRoute_WhenNotAuthorized_ReturnUnauthorizedCode()
+    {
+        // Arrange
+        var client = _testApp.CreateClient();
+
+        // Act
+        var response = await client.GetAsync(TestControllerRoutes.AUTHORIZE_ROUTE);
+
+        // Assert
+        response.IsSuccessStatusCode.Should().BeFalse();
+        response.StatusCode.Should().Be(HttpStatusCode.Unauthorized);
+    }
+
+    [Fact]
+    public async Task SendRequestToAuthorizedRoute_WhenAuthorized_ReturnOk()
+    {
+        // Arrange
+        var client = _testApp.CreateClient();
+        var sessionId = Guid.NewGuid().ToString();
+        await CreateSession(sessionId);
+        client.DefaultRequestHeaders.Add(OrleansIdentityConstants.AUTH_TOKEN, sessionId);
+
+        // Act
+        var response = await client.GetAsync(TestControllerRoutes.AUTHORIZE_ROUTE);
+
+        // Assert
+        response.IsSuccessStatusCode.Should().BeTrue();
+    }
+
+    [Fact]
+    public async Task SendRequestToAuthorizedRouteWithRole_WhenAuthorizedWithRole_ReturnOk()
+    {
+        // Arrange
+        var client = _testApp.CreateClient();
+        var sessionId = Guid.NewGuid().ToString();
+        await CreateSession(sessionId);
+        client.DefaultRequestHeaders.Add(OrleansIdentityConstants.AUTH_TOKEN, sessionId);
+
+        // Act
+        var response = await client.GetAsync(TestControllerRoutes.ADMIN_ROUTE);
+
+        // Assert
+        response.IsSuccessStatusCode.Should().BeTrue();
+    }
+
+    [Fact]
+    public async Task SendRequestToAuthorizedRouteWithRole_WhenAuthorizedWithoutRole_ReturnForbidden()
+    {
+        // Arrange
+        var client = _testApp.CreateClient();
+        var sessionId = Guid.NewGuid().ToString();
+        await CreateSession(sessionId);
+        client.DefaultRequestHeaders.Add(OrleansIdentityConstants.AUTH_TOKEN, sessionId);
+
+        // Act
+        var response = await client.GetAsync(TestControllerRoutes.MODERATOR_ROUTE);
+
+        // Assert
+        response.IsSuccessStatusCode.Should().BeFalse();
+        response.StatusCode.Should().Be(HttpStatusCode.Forbidden);
+    }
+
+    [Fact]
+    public async Task SendRequestToAuthorizedRouteWitheRoles_WhenAuthorizedWithRoles_ReturnOk()
+    {
+        // Arrange
+        var client = _testApp.CreateClient();
+        var sessionId = Guid.NewGuid().ToString();
+        var roles = new Dictionary<string, string>()
+        {
+            { ClaimTypes.Role, "moderator" }
+        };
+        await CreateSession(sessionId, roles);
+        client.DefaultRequestHeaders.Add(OrleansIdentityConstants.AUTH_TOKEN, sessionId);
+
+        // Act
+        var response = await client.GetAsync(TestControllerRoutes.COMMON_ROUTE);
+
+        // Assert
+        response.IsSuccessStatusCode.Should().BeTrue();
+    }
+
+    [Fact]
+    public async Task SendRequestToAuthorizedRouteWitheRoles_WhenAuthorizedWithNotAllRoles_ReturnOk()
+    {
+        // Arrange
+        var client = _testApp.CreateClient();
+        var sessionId = Guid.NewGuid().ToString();
+        await CreateSession(sessionId);
+        client.DefaultRequestHeaders.Add(OrleansIdentityConstants.AUTH_TOKEN, sessionId);
+
+        // Act
+        var response = await client.GetAsync(TestControllerRoutes.COMMON_ROUTE);
+
+        // Assert
+        response.IsSuccessStatusCode.Should().BeTrue();
+    }
+    
+    #endregion
+
+    #region Controller tests
+
+    [Fact]
+    public async Task SendRequestToAuthorizedController_WhenHasRole_ReturnOk()
+    {
+        // Arrange
+        var client = _testApp.CreateClient();
+        var sessionId = Guid.NewGuid().ToString();
+        await CreateSession(sessionId);
+        client.DefaultRequestHeaders.Add(OrleansIdentityConstants.AUTH_TOKEN, sessionId);
+        
+        // Act
+        var response = await client.GetAsync(TestControllerRoutes.ADMIN_CONTROLLER_DEFAULT_ROUTE);
+        
+        // Assert
+        response.IsSuccessStatusCode.Should().BeTrue();
+    }
+
+    [Fact]
+    public async Task SendRequestToAuthorizedControllerToUnauthorizedRoute_WithoutRole_ReturnOk()
+    {
+        // Arrange
+        var client = _testApp.CreateClient();
+        var sessionId = Guid.NewGuid().ToString();
+        await CreateSession(sessionId, claimsForAdminController, true);
+        client.DefaultRequestHeaders.Add(OrleansIdentityConstants.AUTH_TOKEN, sessionId);
+
+        // Act
+        var response = await client.GetAsync(TestControllerRoutes.ADMIN_CONTROLLER_ADMINS_LIST);
+
+        // Assert
+        response.IsSuccessStatusCode.Should().BeTrue();
+    }
+
+    [Fact]
+    public async Task SendRequestToAuthorizedControllerToUnauthorizedRoute_NotAuthorized_ReturnOk()
+    {
+        // Arrange
+        var client = _testApp.CreateClient();
+
+        // Act
+        var response = await client.GetAsync(TestControllerRoutes.ADMIN_CONTROLLER_ADMINS_LIST);
+
+        // Assert
+        response.IsSuccessStatusCode.Should().BeTrue();
+    }
+
+    [Fact]
+    public async Task SendRequestToAuthorizedControllerToAuthorizedRoute_WhenAutorized_ReturnForbidden()
+    {
+        // Arrange
+        var client = _testApp.CreateClient();
+        var sessionId = Guid.NewGuid().ToString();
+        await CreateSession(sessionId, claimsForAdminController, true);
+        client.DefaultRequestHeaders.Add(OrleansIdentityConstants.AUTH_TOKEN, sessionId);
+
+        // Act
+        var response = await client.GetAsync(TestControllerRoutes.ADMIN_CONTROLLER_ADMIN_GET_ADMIN);
+
+        // Assert
+        response.IsSuccessStatusCode.Should().BeFalse();
+        response.StatusCode.Should().Be(HttpStatusCode.Forbidden);
+    }
+
+    [Fact]
+    public async Task SendRequestToToAuthorizedControllerToAuthorizedRouteWithRole_WhenAutorizedWithRole_ReturnOk()
+    {
+        // Arrange
+        var client = _testApp.CreateClient();
+        var sessionId = Guid.NewGuid().ToString();
+        var userClaims = new Dictionary<string, string>
+        {
+            { ClaimTypes.Role, "admin" },
+            { ClaimTypes.Role, "moderator" }
+        };
+
+        await CreateSession(sessionId, userClaims, true);
+        client.DefaultRequestHeaders.Add(OrleansIdentityConstants.AUTH_TOKEN, sessionId);
+
+        // Act
+        var response = await client.GetAsync(TestControllerRoutes.ADMIN_CONTROLLER_ADMIN_GET_ADMIN);
+
+        // Assert
+        response.IsSuccessStatusCode.Should().BeTrue();
+    }
+
+
+    #endregion
+}

ManagedCode.Orleans.Identity.Tests/GrainFilterTests.cs

@@ -0,0 +1,66 @@
+using FluentAssertions;
+using ManagedCode.Orleans.Identity.Grains.Interfaces;
+using ManagedCode.Orleans.Identity.Shared.Constants;
+using ManagedCode.Orleans.Identity.Tests.Cluster;
+using ManagedCode.Orleans.Identity.Tests.Constants;
+using ManagedCode.Orleans.Identity.Tests.Helpers;
+using Xunit;
+using Xunit.Abstractions;
+
+namespace ManagedCode.Orleans.Identity.Tests;
+
+[Collection(nameof(TestClusterApplication))]
+public class GrainFilterTests
+{
+    private readonly TestClusterApplication _testApp;
+    private readonly ITestOutputHelper _outputHelper;
+    
+    public GrainFilterTests(TestClusterApplication testApp, ITestOutputHelper outputHelper)
+    {
+        _testApp = testApp;
+        _outputHelper = outputHelper;
+    }
+    
+    private async Task CreateSession(string sessionId, Dictionary<string, string> claims = null, bool replaceClaims = false)
+    {
+        var createSessionModel = SessionHelper.GetTestCreateSessionModel(sessionId, claims, replaceClaims);
+        var sessionGrain = _testApp.Cluster.Client.GetGrain<ISessionGrain>(sessionId);
+        await sessionGrain.CreateAsync(createSessionModel);
+    }
+
+    #region User authorized
+
+    [Fact]
+    public async Task SendRequestToAuthorizedGrain_WhenAuthorized_ReturnOk()
+    {
+        // Arrange
+        var client = _testApp.CreateClient();
+        var sessionId = Guid.NewGuid().ToString();
+        await CreateSession(sessionId);
+        client.DefaultRequestHeaders.Add(OrleansIdentityConstants.AUTH_TOKEN, sessionId);
+
+        // Act
+        var response = await client.GetAsync(TestControllerRoutes.USER_CONTROLLER_DEFAULT_ROUTE);
+
+        // Assert
+        response.IsSuccessStatusCode.Should().BeTrue();
+    }
+
+    [Fact]
+    public async Task SendRequestToAuthorizedRoute_WhenGrainAndUserAreAuthorized_ReturnOk()
+    {
+        // Arrange
+        var client = _testApp.CreateClient();
+        var sessionId = Guid.NewGuid().ToString();
+        await CreateSession(sessionId);
+        client.DefaultRequestHeaders.Add(OrleansIdentityConstants.AUTH_TOKEN, sessionId);
+        
+        // Act
+        var response = await client.GetAsync(TestControllerRoutes.USER_CONTROLLER_ANONYMOUS_ROUTE);
+
+        // Assert
+        response.IsSuccessStatusCode.Should().BeTrue();
+    }
+
+    #endregion
+}