@@ -356,7 +356,7 @@ public async Task PatchJobWhenIsAnOwner(string role)
356356
357357 [ TestMethod ]
358358 [ DataRow ( Roles . JOB_CREATOR ) ]
359- public async Task RemoveGMMAsync_AuthorizedUser_ReturnsOk ( string role )
359+ public async Task RemoveGMMAsyncWhenIsAnAuthorizedUser ( string role )
360360 {
361361 var syncJobId = Guid . NewGuid ( ) ;
362362
@@ -377,6 +377,59 @@ public async Task RemoveGMMAsync_AuthorizedUser_ReturnsOk(string role)
377377 Assert . IsInstanceOfType ( result , typeof ( OkResult ) ) ;
378378 }
379379
380+ [ TestMethod ]
381+ [ DataRow ( Roles . HYPERLINK_ADMINISTRATOR ) ]
382+ public async Task RemoveGMMAsyncWhenIsAnUnauthorizedUser ( string role )
383+ {
384+ var syncJobId = Guid . NewGuid ( ) ;
385+
386+ var context = CreateHttpContext ( new List < Claim > {
387+ new Claim ( ClaimTypes . Name , "user@domain.com" ) ,
388+ new Claim ( ClaimTypes . Role , role ) ,
389+ new Claim ( "http://schemas.microsoft.com/identity/claims/objectidentifier" , Guid . NewGuid ( ) . ToString ( ) ) } ) ;
390+
391+
392+ _jobDetailsController = new JobDetailsController ( _getJobDetailsHandler , _removeGMMHandler , _patchJobHandler )
393+ {
394+ ControllerContext = CreateControllerContext ( context )
395+ } ;
396+
397+ _graphGroupRepository . Setup ( x => x . IsEmailRecipientOwnerOfGroupAsync ( It . IsAny < string > ( ) , It . IsAny < Guid > ( ) ) )
398+ . ReturnsAsync ( ( ) => false ) ;
399+
400+ var response = await _jobDetailsController . RemoveGMMAsync ( syncJobId ) ;
401+ var result = response as ForbidResult ;
402+
403+ Assert . IsInstanceOfType ( result , typeof ( ForbidResult ) ) ;
404+ }
405+
406+ [ TestMethod ]
407+ [ DataRow ( Roles . JOB_CREATOR ) ]
408+ public async Task RemoveGMMAsyncWhenInvalidGroup ( string role )
409+ {
410+ var syncJobId = Guid . NewGuid ( ) ;
411+
412+ var context = CreateHttpContext ( new List < Claim > {
413+ new Claim ( ClaimTypes . Name , "notOwner@domain.com" ) ,
414+ new Claim ( ClaimTypes . Role , role ) ,
415+ new Claim ( "http://schemas.microsoft.com/identity/claims/objectidentifier" , Guid . NewGuid ( ) . ToString ( ) ) } ) ;
416+
417+
418+ _jobDetailsController = new JobDetailsController ( _getJobDetailsHandler , _removeGMMHandler , _patchJobHandler )
419+ {
420+ ControllerContext = CreateControllerContext ( context )
421+ } ;
422+
423+ _syncJobRepository . Setup ( x => x . GetSyncJobAsync ( It . IsAny < Guid > ( ) ) )
424+ . ReturnsAsync ( ( SyncJob ) null ) ;
425+
426+ var response = await _jobDetailsController . RemoveGMMAsync ( syncJobId ) ;
427+ var result = response as NotFoundResult ;
428+
429+ Assert . IsNotNull ( result ) ;
430+ Assert . AreEqual ( 404 , result . StatusCode ) ;
431+ }
432+
380433 private ControllerContext CreateControllerContext ( HttpContext httpContext )
381434 {
382435 return new ControllerContext { HttpContext = httpContext } ;
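Review bot: RemoveGMMAsyncWhenIsAnUnauthorizedUser asserts only that the response is a `ForbidResult`; it never checks that the removal was left undone, so a controller that performed the removal and then returned Forbid would still pass. After the assert, add a Moq verification with `Times.Never` on whichever repository call carries out the removal (that call is not visible in this hunk). The test also changes two things at once, the role (`Roles.HYPERLINK_ADMINISTRATOR`) and the ownership mock (`ReturnsAsync(() => false)`), so it does not show which check produces the denial. A second case with `[DataRow(Roles.JOB_CREATOR)]` and the same non-owner mock would pin the ownership check, assuming the controller is meant to forbid a job creator who does not own the group. The test also sets up no `GetSyncJobAsync` itself, so it presumably relies on a job lookup configured outside the hunk.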