MVC planning poker-implementing security-part 4

I figured a way to see how to implement security. When the Moderator creates a table, the factory does not return a Table – but a combination of Table and ModeratorKey. Now the Moderator must maintain his ModeratorKey .The function that boots a participant requires passing this ModeratorKey – and , if it is correct, it boots the participant. The codes are the following:

 [TestMethod]
        public void UseCase3BootTemporary()
        {
            var td = createdTable();
            td.Table.BootParticipant(td.ModeratorKey, newParticipantName);
            Assert.AreEqual(0,td.Table.Participants.Count);
            td.Table.AddParticipant(newParticipantName);
            Assert.AreEqual(1, td.Table.Participants.Count);
            
        }

        [TestMethod]
        public void UseCase3BootPermanently()
        {
            var td = createdTable();
            td.Table.BootParticipant(td.ModeratorKey, newParticipantName,true);
            Assert.AreEqual(0, td.Table.Participants.Count);
            try
            {
                td.Table.AddParticipant(newParticipantName);
            }
            catch (PPBannedUserException)
            {
                return;//expecting this exception    
            }
            Assert.IsTrue(false,"the add participant should be throwing an error");
        }

Now, as you can see , anyone could boot a participant from the table – with the condition, of course, to know the Moderator key.
Next time we will implement cards.

MVC planning poker-implementing security-part 4

Leave a Reply Cancel reply

Andrei Ignat weekly software news(mostly .NET)