How do you unit test web page authorization using ASP.NET MVC?
- by Kevin Pang
Let's say you have a profile page that can only be accessed by the owner of that profile. This profile page is located at:
User/Profile/{userID}
Now, I imagine in order to prevent access to this page by other users, you could structure your UserController class's Profile function to check the current session's identity:
…