kawa/Sharepoint-Toolbox
1
0
Fork 0
Code Issues Pull Requests Actions Releases 9 Wiki Activity

feat(18-02): scan-loop elevation logic + PermissionsViewModel wiring + tests

Browse Source 
- Add _settingsService and _ownershipService fields to PermissionsViewModel
- Add SettingsService? and IOwnershipElevationService? to both constructors
- Add DeriveAdminUrl internal static helper for admin URL derivation
- Add IsAccessDenied helper catching ServerUnauthorizedAccessException + WebException 403
- Add IsAutoTakeOwnershipEnabled async helper reading toggle from SettingsService
- Refactor RunOperationAsync with try/catch elevation pattern (read toggle before loop)
- Tag elevated entries with WasAutoElevated=true via record with expression
- Add PermissionsViewModelOwnershipTests (8 tests): toggle OFF propagates, toggle ON elevates+retries, no elevation on success, WasAutoElevated tagging, elevation throw propagates, DeriveAdminUrl theory
This commit is contained in:
Dev
2026-04-09 14:31:58 +02:00
parent 11e835f586
commit 6270fe4605
2 changed files with 359 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

280
SharepointToolbox.Tests/ViewModels/PermissionsViewModelOwnershipTests.cs Normal file
View File

@@ -0,0 +1,280 @@
using System.Collections.Generic;
using System.Net;
using System.Threading;
using System.Threading.Tasks;
using CommunityToolkit.Mvvm.Messaging;
using Microsoft.Extensions.Logging.Abstractions;
using Microsoft.SharePoint.Client;
using Moq;
using SharepointToolbox.Core.Messages;
using SharepointToolbox.Core.Models;
using SharepointToolbox.Services;
using SharepointToolbox.ViewModels;
using SharepointToolbox.ViewModels.Tabs;
namespace SharepointToolbox.Tests.ViewModels;
/// <summary>
/// Tests for auto-elevation logic in PermissionsViewModel scan loop.
/// OWN-02: catch access-denied, call ElevateAsync, retry scan, tag entries.
/// </summary>
public class PermissionsViewModelOwnershipTests
{
/// <summary>
/// Creates a ServerUnauthorizedAccessException via Activator (the reference assembly
/// exposes a different ctor signature than the runtime DLL — use runtime reflection).
/// </summary>
private static ServerUnauthorizedAccessException MakeAccessDeniedException()
{
var t = typeof(ServerUnauthorizedAccessException);
var ctor = t.GetConstructors(System.Reflection.BindingFlags.Public | System.Reflection.BindingFlags.NonPublic | System.Reflection.BindingFlags.Instance)[0];
return (ServerUnauthorizedAccessException)ctor.Invoke(new object?[] { "Access Denied", "", 0, "", "ServerUnauthorizedAccessException", null, "" });
}
private static readonly string SiteUrl = "https://tenant.sharepoint.com/sites/test";
private static readonly string TenantUrl = "https://tenant.sharepoint.com";
private static PermissionsViewModel CreateVm(
Mock<IPermissionsService> permissionsSvc,
Mock<ISessionManager> sessionManager,
SettingsService? settingsService = null,
IOwnershipElevationService? ownershipService = null)
{
var siteListSvc = new Mock<ISiteListService>();
var logger = NullLogger<FeatureViewModelBase>.Instance;
var vm = new PermissionsViewModel(
permissionsSvc.Object,
siteListSvc.Object,
sessionManager.Object,
logger,
settingsService: settingsService,
ownershipService: ownershipService);
WeakReferenceMessenger.Default.Send(new GlobalSitesChangedMessage(
new List<SiteInfo> { new(SiteUrl, "Test Site") }.AsReadOnly()));
vm.SetCurrentProfile(new TenantProfile
{
Name = "Test",
TenantUrl = TenantUrl,
ClientId = "client-id"
});
return vm;
}
/// <summary>
/// When AutoTakeOwnership=false and ScanSiteAsync throws ServerUnauthorizedAccessException,
/// the exception propagates.
/// </summary>
[Fact]
public async Task ScanLoop_ToggleOff_AccessDenied_ExceptionPropagates()
{
var permSvc = new Mock<IPermissionsService>();
permSvc
.Setup(s => s.ScanSiteAsync(It.IsAny<ClientContext>(), It.IsAny<ScanOptions>(),
It.IsAny<IProgress<OperationProgress>>(), It.IsAny<CancellationToken>()))
.ThrowsAsync(MakeAccessDeniedException());
var sessionMgr = new Mock<ISessionManager>();
sessionMgr
.Setup(s => s.GetOrCreateContextAsync(It.IsAny<TenantProfile>(), It.IsAny<CancellationToken>()))
.ReturnsAsync((ClientContext)null!);
// No settingsService => toggle OFF (null treated as false)
var vm = CreateVm(permSvc, sessionMgr, settingsService: null, ownershipService: null);
await Assert.ThrowsAsync<ServerUnauthorizedAccessException>(
() => vm.TestRunOperationAsync(CancellationToken.None, new Progress<OperationProgress>()));
}
/// <summary>
/// When AutoTakeOwnership=true and scan throws access denied,
/// ElevateAsync is called once then ScanSiteAsync is retried.
/// </summary>
[Fact]
public async Task ScanLoop_ToggleOn_AccessDenied_ElevatesAndRetries()
{
var permSvc = new Mock<IPermissionsService>();
var callCount = 0;
permSvc
.Setup(s => s.ScanSiteAsync(It.IsAny<ClientContext>(), It.IsAny<ScanOptions>(),
It.IsAny<IProgress<OperationProgress>>(), It.IsAny<CancellationToken>()))
.ReturnsAsync(() =>
{
callCount++;
if (callCount == 1)
throw MakeAccessDeniedException();
return new List<PermissionEntry>
{
new("Site", "Test", SiteUrl, true, "User1", "u1@t.com", "Full Control", "Direct", "User")
};
});
var sessionMgr = new Mock<ISessionManager>();
sessionMgr
.Setup(s => s.GetOrCreateContextAsync(It.IsAny<TenantProfile>(), It.IsAny<CancellationToken>()))
.ReturnsAsync((ClientContext)null!);
var elevationSvc = new Mock<IOwnershipElevationService>();
elevationSvc
.Setup(e => e.ElevateAsync(It.IsAny<ClientContext>(), It.IsAny<string>(), It.IsAny<string>(), It.IsAny<CancellationToken>()))
.Returns(Task.CompletedTask);
var settingsSvc = FakeSettingsServiceWithAutoOwnership(true);
var vm = CreateVm(permSvc, sessionMgr, settingsService: settingsSvc, ownershipService: elevationSvc.Object);
await vm.TestRunOperationAsync(CancellationToken.None, new Progress<OperationProgress>());
// ElevateAsync called once
elevationSvc.Verify(
e => e.ElevateAsync(It.IsAny<ClientContext>(), It.IsAny<string>(), It.IsAny<string>(), It.IsAny<CancellationToken>()),
Times.Once);
// ScanSiteAsync called twice (first fails, retry succeeds)
permSvc.Verify(
s => s.ScanSiteAsync(It.IsAny<ClientContext>(), It.IsAny<ScanOptions>(),
It.IsAny<IProgress<OperationProgress>>(), It.IsAny<CancellationToken>()),
Times.Exactly(2));
}
/// <summary>
/// When ScanSiteAsync succeeds on first try, ElevateAsync is never called.
/// </summary>
[Fact]
public async Task ScanLoop_ScanSucceeds_ElevateNeverCalled()
{
var permSvc = new Mock<IPermissionsService>();
permSvc
.Setup(s => s.ScanSiteAsync(It.IsAny<ClientContext>(), It.IsAny<ScanOptions>(),
It.IsAny<IProgress<OperationProgress>>(), It.IsAny<CancellationToken>()))
.ReturnsAsync(new List<PermissionEntry>
{
new("Site", "Test", SiteUrl, true, "User1", "u1@t.com", "Full Control", "Direct", "User")
});
var sessionMgr = new Mock<ISessionManager>();
sessionMgr
.Setup(s => s.GetOrCreateContextAsync(It.IsAny<TenantProfile>(), It.IsAny<CancellationToken>()))
.ReturnsAsync((ClientContext)null!);
var elevationSvc = new Mock<IOwnershipElevationService>();
var settingsSvc = FakeSettingsServiceWithAutoOwnership(true);
var vm = CreateVm(permSvc, sessionMgr, settingsService: settingsSvc, ownershipService: elevationSvc.Object);
await vm.TestRunOperationAsync(CancellationToken.None, new Progress<OperationProgress>());
elevationSvc.Verify(
e => e.ElevateAsync(It.IsAny<ClientContext>(), It.IsAny<string>(), It.IsAny<string>(), It.IsAny<CancellationToken>()),
Times.Never);
}
/// <summary>
/// After successful elevation+retry, returned entries have WasAutoElevated=true.
/// </summary>
[Fact]
public async Task ScanLoop_AfterElevation_EntriesTaggedWasAutoElevated()
{
var permSvc = new Mock<IPermissionsService>();
var callCount = 0;
permSvc
.Setup(s => s.ScanSiteAsync(It.IsAny<ClientContext>(), It.IsAny<ScanOptions>(),
It.IsAny<IProgress<OperationProgress>>(), It.IsAny<CancellationToken>()))
.ReturnsAsync(() =>
{
callCount++;
if (callCount == 1)
throw MakeAccessDeniedException();
return new List<PermissionEntry>
{
new("Site", "Test", SiteUrl, true, "User1", "u1@t.com", "Full Control", "Direct", "User")
};
});
var sessionMgr = new Mock<ISessionManager>();
sessionMgr
.Setup(s => s.GetOrCreateContextAsync(It.IsAny<TenantProfile>(), It.IsAny<CancellationToken>()))
.ReturnsAsync((ClientContext)null!);
var elevationSvc = new Mock<IOwnershipElevationService>();
elevationSvc
.Setup(e => e.ElevateAsync(It.IsAny<ClientContext>(), It.IsAny<string>(), It.IsAny<string>(), It.IsAny<CancellationToken>()))
.Returns(Task.CompletedTask);
var settingsSvc = FakeSettingsServiceWithAutoOwnership(true);
var vm = CreateVm(permSvc, sessionMgr, settingsService: settingsSvc, ownershipService: elevationSvc.Object);
await vm.TestRunOperationAsync(CancellationToken.None, new Progress<OperationProgress>());
Assert.NotEmpty(vm.Results);
Assert.All(vm.Results, e => Assert.True(e.WasAutoElevated));
}
/// <summary>
/// If ElevateAsync itself throws, the exception propagates (no infinite retry).
/// </summary>
[Fact]
public async Task ScanLoop_ElevationThrows_ExceptionPropagates()
{
var permSvc = new Mock<IPermissionsService>();
permSvc
.Setup(s => s.ScanSiteAsync(It.IsAny<ClientContext>(), It.IsAny<ScanOptions>(),
It.IsAny<IProgress<OperationProgress>>(), It.IsAny<CancellationToken>()))
.ThrowsAsync(MakeAccessDeniedException());
var sessionMgr = new Mock<ISessionManager>();
sessionMgr
.Setup(s => s.GetOrCreateContextAsync(It.IsAny<TenantProfile>(), It.IsAny<CancellationToken>()))
.ReturnsAsync((ClientContext)null!);
var elevationSvc = new Mock<IOwnershipElevationService>();
elevationSvc
.Setup(e => e.ElevateAsync(It.IsAny<ClientContext>(), It.IsAny<string>(), It.IsAny<string>(), It.IsAny<CancellationToken>()))
.ThrowsAsync(new InvalidOperationException("Elevation failed"));
// ScanSiteAsync always throws access denied (does NOT succeed after elevation throws)
var settingsSvc = FakeSettingsServiceWithAutoOwnership(true);
var vm = CreateVm(permSvc, sessionMgr, settingsService: settingsSvc, ownershipService: elevationSvc.Object);
await Assert.ThrowsAsync<InvalidOperationException>(
() => vm.TestRunOperationAsync(CancellationToken.None, new Progress<OperationProgress>()));
// ScanSiteAsync was called exactly once (no retry after elevation failure)
permSvc.Verify(
s => s.ScanSiteAsync(It.IsAny<ClientContext>(), It.IsAny<ScanOptions>(),
It.IsAny<IProgress<OperationProgress>>(), It.IsAny<CancellationToken>()),
Times.Once);
}
/// <summary>
/// Validates DeriveAdminUrl logic for standard tenant URL.
/// </summary>
[Theory]
[InlineData("https://tenant.sharepoint.com", "https://tenant-admin.sharepoint.com")]
[InlineData("https://tenant.sharepoint.com/", "https://tenant-admin.sharepoint.com")]
[InlineData("https://tenant-admin.sharepoint.com", "https://tenant-admin.sharepoint.com")]
public void DeriveAdminUrl_ReturnsCorrectAdminUrl(string input, string expected)
{
var result = PermissionsViewModel.DeriveAdminUrl(input);
Assert.Equal(expected, result);
}
// ── Helpers ───────────────────────────────────────────────────────────────
private static SettingsService FakeSettingsServiceWithAutoOwnership(bool enabled)
{
// Use in-memory temp file
var tempFile = System.IO.Path.GetTempFileName();
System.IO.File.Delete(tempFile);
var repo = new SharepointToolbox.Infrastructure.Persistence.SettingsRepository(tempFile);
var svc = new SettingsService(repo);
// Seed via SetAutoTakeOwnershipAsync synchronously
svc.SetAutoTakeOwnershipAsync(enabled).GetAwaiter().GetResult();
return svc;
}
}