CSP-1392: POST Permissions Endpoint

src/SFA.DAS.PR.Api.UnitTests/Controllers/Permissions/PermissionsControllerPostTests.cs

@@ -0,0 +1,62 @@
+using AutoFixture.NUnit3;
+using FluentAssertions;
+using MediatR;
+using Microsoft.AspNetCore.Mvc;
+using Moq;
+using SFA.DAS.PR.Api.Controllers;
+using SFA.DAS.PR.Application.Mediatr.Responses;
+using SFA.DAS.PR.Application.Permissions.Commands.PostPermissions;
+using SFA.DAS.Testing.AutoFixture;
+
+namespace SFA.DAS.PR.Api.UnitTests.Controllers.Permissions;
+
+public class PermissionsControllerPostTests
+{
+    [Test]
+    [MoqAutoData]
+    public async Task PostPermission_InvokesQueryHandler(
+      [Frozen] Mock<IMediator> mediatorMock,
+      [Greedy] PermissionsController sut,
+      PostPermissionsCommand command,
+      CancellationToken cancellationToken
+   )
+    {
+        await sut.PostPermission(command, cancellationToken);
+
+        mediatorMock.Verify(m =>
+            m.Send(It.Is<PostPermissionsCommand>(q =>
+                q.AccountLegalEntityId == command.AccountLegalEntityId && 
+                q.Ukprn == command.Ukprn &&
+                q.Operations == command.Operations &&
+                q.UserRef == command.UserRef
+            ),
+            cancellationToken)
+        );
+    }
+
+    [Test, MoqAutoData]
+    public async Task PostPermission_HandlerReturnsData_ReturnsOkResponse(
+        [Frozen] Mock<IMediator> mediatorMock,
+        [Greedy] PermissionsController sut,
+        PostPermissionsCommand command,
+        PostPermissionsCommandResult postPermissionsCommandResult,
+        CancellationToken cancellationToken
+    )
+    {
+        var response = new ValidatedResponse<PostPermissionsCommandResult>(postPermissionsCommandResult);
+
+        mediatorMock.Setup(m => m.Send(
+            It.Is<PostPermissionsCommand>(q =>
+                q.AccountLegalEntityId == command.AccountLegalEntityId &&
+                q.Ukprn == command.Ukprn &&
+                q.Operations == command.Operations &&
+                q.UserRef == command.UserRef
+            ),
+            cancellationToken)
+        ).ReturnsAsync(response);
+
+        var result = await sut.PostPermission(command, cancellationToken);
+        result.As<OkObjectResult>().Should().NotBeNull();
+        result.As<OkObjectResult>().Value.Should().Be(postPermissionsCommandResult);
+    }
+}

src/SFA.DAS.PR.Api/Controllers/PermissionsController.cs

@@ -5,6 +5,7 @@
 using SFA.DAS.PR.Api.Common;
 using SFA.DAS.PR.Api.SwaggerExamples;
 using SFA.DAS.PR.Application.Mediatr.Responses;
+using SFA.DAS.PR.Application.Permissions.Commands.PostPermissions;
 using SFA.DAS.PR.Application.Permissions.Queries.GetHasPermissions;
 using SFA.DAS.PR.Application.Permissions.Queries.GetPermissions;
 using SFA.DAS.PR.Application.Permissions.Queries.HasRelationshipWithPermission;
@@ -53,4 +54,14 @@ public async Task<IActionResult> HasPermission([FromQuery] GetHasPermissionsQuer
         ValidatedResponse<bool> result = await _mediator.Send(query, cancellationToken);
         return GetResponse(result);
     }
+
+    [HttpPost]
+    [Authorize(Policy = Policies.Management)]
+    [ProducesResponseType(typeof(bool), StatusCodes.Status200OK)]
+    [ProducesResponseType(typeof(List<ValidationError>), StatusCodes.Status400BadRequest)]
+    public async Task<IActionResult> PostPermission([FromBody] PostPermissionsCommand command, CancellationToken cancellationToken)
+    {
+        ValidatedResponse<PostPermissionsCommandResult> result = await _mediator.Send(command, cancellationToken);
+        return GetResponse(result);
+    }
 }

src/SFA.DAS.PR.Application.UnitTests/AccountProviders/Queries/GetAccountProviders/GetAccountProvidersQueryHandlerTests.cs

@@ -23,7 +23,7 @@ CancellationToken cancellationToken
         )
         {
             accountLegalEntityReadRepository.Setup(a =>
-                a.GetAccountLegalEntiies(accountId, cancellationToken)
+                a.GetAccountLegalEntities(accountId, cancellationToken)
             ).ReturnsAsync(legalEntities);
 
             GetAccountProvidersQueryResult expectedResult = new(accountId, AccountProviderModel.BuildAccountProviderModels(legalEntities));
@@ -44,7 +44,7 @@ CancellationToken cancellationToken
         )
         {
             accountLegalEntityReadRepository.Setup(a =>
-                a.GetAccountLegalEntiies(accountId, cancellationToken)
+                a.GetAccountLegalEntities(accountId, cancellationToken)
             ).ReturnsAsync(() => new List<AccountLegalEntity>());
 
             GetAccountProvidersQueryResult expectedResult = new(accountId, []);

src/SFA.DAS.PR.Application.UnitTests/EmployerRelationships/Queries/GetEmployerRelationships/GetEmployerRelationshipsQueryHandlerTests.cs

@@ -26,7 +26,7 @@ CancellationToken cancellationToken
 
         ValidatedResponse<GetEmployerRelationshipsQueryResult> result = await sut.Handle(query, cancellationToken);
 
-        Assert.That(result.Result.AccountLegalEntities, !Is.Empty);
+        Assert.That(result.Result!.AccountLegalEntities, !Is.Empty);
     }
 
     [Test]
@@ -46,6 +46,6 @@ CancellationToken cancellationToken
 
         ValidatedResponse<GetEmployerRelationshipsQueryResult> result = await sut.Handle(query, cancellationToken);
 
-        Assert.That(result.Result.AccountLegalEntities, Is.Empty);
+        Assert.That(result.Result!.AccountLegalEntities, Is.Empty);
     }
 }