dohertj2/scadalink-design
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat(central-ui): add the Notifications nav section

Browse Source
This commit is contained in:
Joseph Doherty
2026-05-19 06:17:58 -04:00
parent 8bb860ad5f
commit 0be1feb561
2 changed files with 124 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
src/ScadaLink.CentralUI/Components/Layout/NavMenu.razor
View File

@@ -24,9 +24,6 @@
<li class="nav-item">
<NavLink class="nav-link" href="/admin/api-keys">API Keys</NavLink>
</li>
<li class="nav-item">
<NavLink class="nav-link" href="/admin/smtp">SMTP Configuration</NavLink>
</li>
</Authorized>
</AuthorizeView>
@@ -65,6 +62,35 @@
</Authorized>
</AuthorizeView>
@* Notifications — mixed-role section; each item gated by its own policy.
The header is ungated: every authenticated user holds at least one of
Admin/Design/Deployment, so it always has a visible child. *@
<div role="presentation" class="nav-section-header">Notifications</div>
<AuthorizeView Policy="@AuthorizationPolicies.RequireAdmin">
<Authorized Context="notifAdminContext">
<li class="nav-item">
<NavLink class="nav-link" href="/notifications/smtp">SMTP Configuration</NavLink>
</li>
</Authorized>
</AuthorizeView>
<AuthorizeView Policy="@AuthorizationPolicies.RequireDesign">
<Authorized Context="notifDesignContext">
<li class="nav-item">
<NavLink class="nav-link" href="/notifications/lists">Notification Lists</NavLink>
</li>
</Authorized>
</AuthorizeView>
<AuthorizeView Policy="@AuthorizationPolicies.RequireDeployment">
<Authorized Context="notifDeploymentContext">
<li class="nav-item">
<NavLink class="nav-link" href="/notifications/report">Notification Report</NavLink>
</li>
<li class="nav-item">
<NavLink class="nav-link" href="/notifications/kpis">Notification KPIs</NavLink>
</li>
</Authorized>
</AuthorizeView>
@* Monitoring — Health Dashboard is all-roles; Event Logs and
Parked Messages are Deployment-role only (Component-CentralUI). *@
<div role="presentation" class="nav-section-header">Monitoring</div>
@@ -79,9 +105,6 @@
<li class="nav-item">
<NavLink class="nav-link" href="/monitoring/parked-messages">Parked Messages</NavLink>
</li>
<li class="nav-item">
<NavLink class="nav-link" href="/monitoring/notification-outbox">Notification Outbox</NavLink>
</li>
</Authorized>
</AuthorizeView>

95
tests/ScadaLink.CentralUI.Tests/Layout/NavMenuTests.cs Normal file
View File

@@ -0,0 +1,95 @@
using System.Security.Claims;
using Bunit;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Components;
using Microsoft.AspNetCore.Components.Authorization;
using Microsoft.AspNetCore.Components.Rendering;
using Microsoft.Extensions.DependencyInjection;
using ScadaLink.Security;
using NavMenu = ScadaLink.CentralUI.Components.Layout.NavMenu;
namespace ScadaLink.CentralUI.Tests.Layout;
/// <summary>
/// bUnit rendering tests for the sidebar <see cref="NavMenu"/>. They verify the
/// new Notifications section: its items are gated per-policy, and the old
/// <c>/admin/smtp</c> and <c>/monitoring/notification-outbox</c> routes are gone.
/// The <c>AuthorizeView Policy=...</c> blocks evaluate the real policies, which
/// require a claim of type <see cref="JwtTokenService.RoleClaimType"/> ("Role"),
/// so the test principal carries claims of that exact type.
/// </summary>
public class NavMenuTests : BunitContext
{
/// <summary>
/// Renders <see cref="NavMenu"/> under a principal holding the given roles.
/// <see cref="NavMenu"/>'s top-level <c>AuthorizeView</c> requires the
/// cascading <see cref="AuthenticationState"/>, so it is rendered inside a
/// <see cref="CascadingAuthenticationState"/>; the real policies are
/// registered so the per-item <c>AuthorizeView Policy=...</c> blocks are
/// genuinely evaluated.
/// </summary>
private IRenderedComponent<NavMenu> RenderWithRoles(params string[] roles)
{
var claims = new List<Claim> { new("Username", "tester") };
claims.AddRange(roles.Select(r => new Claim(JwtTokenService.RoleClaimType, r)));
var user = new ClaimsPrincipal(new ClaimsIdentity(claims, "TestAuth"));
Services.AddSingleton<AuthenticationStateProvider>(new TestAuthStateProvider(user));
Services.AddAuthorizationCore();
AuthorizationPolicies.AddScadaLinkAuthorization(Services);
// BunitContext pre-registers a placeholder IAuthorizationService that
// throws when AuthorizeView evaluates a policy. Force the real service
// so the per-item policy gating is genuinely exercised.
Services.AddSingleton<IAuthorizationService, DefaultAuthorizationService>();
var host = Render<CascadingAuthenticationState>(parameters => parameters
.Add(p => p.ChildContent, (RenderFragment)(builder =>
{
builder.OpenComponent<NavMenu>(0);
builder.CloseComponent();
})));
return host.FindComponent<NavMenu>();
}
[Fact]
public void NotificationsSection_ShowsAllItems_ForMultiRoleUser()
{
var cut = RenderWithRoles("Admin", "Design", "Deployment");
cut.WaitForAssertion(() =>
{
Assert.Contains("Notifications", cut.Markup);
Assert.Contains("/notifications/smtp", cut.Markup);
Assert.Contains("/notifications/lists", cut.Markup);
Assert.Contains("/notifications/report", cut.Markup);
Assert.Contains("/notifications/kpis", cut.Markup);
});
}
[Fact]
public void NotificationsSection_AdminOnlyUser_SeesOnlySmtp()
{
var cut = RenderWithRoles("Admin");
cut.WaitForAssertion(() =>
{
Assert.Contains("/notifications/smtp", cut.Markup);
Assert.DoesNotContain("/notifications/report", cut.Markup);
Assert.DoesNotContain("/notifications/lists", cut.Markup);
Assert.DoesNotContain("/notifications/kpis", cut.Markup);
});
}
[Fact]
public void OldRoutes_AreNoLongerLinked()
{
var cut = RenderWithRoles("Admin", "Design", "Deployment");
cut.WaitForAssertion(() =>
{
Assert.DoesNotContain("/admin/smtp", cut.Markup);
Assert.DoesNotContain("/monitoring/notification-outbox", cut.Markup);
});
}
}