Document finance workflow and security toggle

This commit is contained in:
2026-05-19 14:26:04 +02:00
parent b23f73ecd6
commit 383796df87
7 changed files with 358 additions and 3 deletions
@@ -46,6 +46,20 @@ public class SecurityPolicyFactoryTests
Assert.True(result.Succeeded);
}
[Fact]
public async Task AccessPolicy_Allows_User_When_Security_Is_Disabled()
{
var policy = SecurityPolicyFactory.BuildAccessPolicy(new SecurityOptions
{
Enabled = false,
AccessGroups = ["TRAFAG\\TrafagSalesExporter-Users"]
}, useDevelopmentAuthentication: false);
var result = await AuthorizeAsync(policy, CreateAnonymousUser());
Assert.True(result.Succeeded);
}
[Fact]
public async Task AdminPolicy_Allows_User_In_Admin_Group()
{
@@ -95,6 +109,20 @@ public class SecurityPolicyFactoryTests
Assert.False(result.Succeeded);
}
[Fact]
public async Task AdminPolicy_Allows_User_When_Security_Is_Disabled()
{
var policy = SecurityPolicyFactory.BuildAdminPolicy(new SecurityOptions
{
Enabled = false,
AdminGroups = ["TRAFAG\\TrafagSalesExporter-Admins"]
}, useDevelopmentAuthentication: false);
var result = await AuthorizeAsync(policy, CreateAnonymousUser());
Assert.True(result.Succeeded);
}
private static async Task<AuthorizationResult> AuthorizeAsync(AuthorizationPolicy policy, ClaimsPrincipal user)
{
var services = new ServiceCollection();
@@ -119,4 +147,5 @@ public class SecurityPolicyFactoryTests
return new ClaimsPrincipal(new ClaimsIdentity(allClaims, "Test"));
}
private static ClaimsPrincipal CreateAnonymousUser() => new(new ClaimsIdentity());
}