Merge branch 'main' of https://github.com/frasermolyneux/portal-web

Author: frasermolyneux

src/XtremeIdiots.Portal.Web.Tests/ApiControllers/BannersControllerTests.cs

@@ -0,0 +1,28 @@
+using Microsoft.AspNetCore.Authorization;
+using System.Reflection;
+using XtremeIdiots.Portal.Web.ApiControllers;
+
+namespace XtremeIdiots.Portal.Web.Tests.ApiControllers;
+
+public class BannersControllerTests
+{
+    [Fact]
+    public void BannersController_HasClassLevelAuthorizeAttribute()
+    {
+        var authorizeAttribute = typeof(BannersController).GetCustomAttributes(typeof(AuthorizeAttribute), true).SingleOrDefault();
+
+        Assert.NotNull(authorizeAttribute);
+    }
+
+    [Fact]
+    public void GetGameServers_HasAllowAnonymousAttribute_OnlyAnonymousActionInController()
+    {
+        var methods = typeof(BannersController).GetMethods(BindingFlags.Public | BindingFlags.Instance | BindingFlags.DeclaredOnly);
+        var allowAnonymousMethods = methods
+            .Where(method => method.GetCustomAttributes(typeof(AllowAnonymousAttribute), true).Length > 0)
+            .ToList();
+
+        Assert.Single(allowAnonymousMethods);
+        Assert.Equal(nameof(BannersController.GetGameServers), allowAnonymousMethods[0].Name);
+    }
+}

src/XtremeIdiots.Portal.Web/ApiControllers/BannersController.cs

@@ -48,6 +48,7 @@ public class BannersController(
     /// <param name="cancellationToken">Cancellation token for the request</param>
     /// <returns>List of HTML banner content</returns>
     [HttpGet("GetGameServers")]
+    [AllowAnonymous]
     [EnableCors("CorsPolicy")]
     public async Task<IActionResult> GetGameServers(CancellationToken cancellationToken = default)
     {